Signal Messaging App Confirms that their 1900 customers have also been affected Via Twilio hack

According to Signal Messaging App, their 1900 customers data have also been breached in the following phishing attack on Twilio which was the messaging service provider for the app.

Signal App confirmed on their social media platform and stated Recently @twilio , which provides SMS verification services for Signal, suffered a phishing attack. Via Twilio, attackers may have accessed phone numbers & SMS registration codes for 1,900 Signal users. 1/

Message history, profile info, contact lists, & other data were NOT & could not be accessed. The information attackers accessed could allow them to attempt to register a Signal user’s phone number on a new device if that user had not enabled registration lock. 2/

We have identified and are contacting the 1,900 potentially affected users. We are prompting them to re-register their Signal numbers and encouraging them to enable registration lock. We are also working with Twilio to ensure they upgrade their security practices. 3/

In the end they made a statement that Signal’s commitment to your privacy –to building a product that protects your information from third parties including Signal–is what ensured that message history, profile info, contact lists, and other data were not vulnerable in this incident.

“It’s important to note that the attacker was denied access to any message histories, profile details, or contact lists. Signal does not retain a copy of your message history; it is only stored on your device. Your Signal PIN, which was not (and was unable to be) obtained as part of this event, is the only way to recover your contact lists, profile information, blocked users, and other information. However, if an attacker managed to re-register an account, they would be able to use that phone number to transmit and receive Signal messages.” – Signal made a statement

To safeguard impacted users, Signal is taking the following actions:

  • Signal will require each of the 1,900 people who may be impacted to re-register Signal with their phone number on their chosen device, and Signal will unregister Signal on any other devices they may be using right now (or devices an attacker may have registered them to).
  • Signal is directly sending SMS notifications to all 1,900 individuals that could be impacted.



Readers like you help support The Tech Outlook. When you make a purchase using links on our site, we may earn an affiliate commission. We cannot guarantee the Product information shown is 100% accurate and we advise you to check the product listing on the original manufacturer website. Thetechoutlook is not responsible for price changes carried out by retailers. The discounted price or deal mentioned in this item was available at the time of writing and may be subject to time restrictions and/or limited unit availability. Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates Read More

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More