Cloud communications provider Twilio has revealed that unidentified threat actors took advantage of an unauthenticated endpoint in Authy to identify data associated with Authy accounts, including users’ cell phone numbers.
The company said it took steps to secure the endpoint to no longer accept unauthenticated requests.
The development comes days after an online persona named ShinyHunters