Security Alerts

  • Home
  • Security Alerts

2FA provider Authy, password manager LastPass, and DoorDash all experienced breaches

In recent weeks, security provider Twilio revealed it was breached by well resourced phishers, who used their access to steal data from 163 of its customers. Security firm Group-IB, meanwhile said that the same phishers who hit Twilio breached at least 136 companies in similar advanced attacks. Three companies -- Twilio-owned Authy, password manager LastPass, and food delivery network DoorDash in recent days have all disclosed data breaches that appear to be related to the same activity. Authentication service Okta and secure messenger provider Signal, both recently said their data was accessed as a result of the Twilio breach. Group-IB said on Thursday that at least 136 companies were phished by the same threat actor as Twilio. DoorDash is one of them, a company representative has told TechCrunch.