Signal Fears Hackers May Have Accessed Phone Numbers of 1,900 Users

Encrypted messaging service Signal mentioned the cellphone numbers of 1,900 customers may have been revealed in a phishing assault on Twilio Inc, its verification companies supplier, earlier this month.

The attacker may even have accessed the SMS verification code used to register with Signal, however message historical past, profile info and call lists weren’t revealed, the corporate mentioned in a blog post on Monday.

“An attacker could have attempted to re-register number to another device or learned that their number was registered to Signal,” it mentioned.

Twilio, which disclosed the assault earlier this month, mentioned it has been working along with Signal to assist their investigation.

The San Francisco, California-based firm counts over 256,000 companies, together with Ford Motor, Mercado Libre, and HSBC, amongst its clients.

China just lately grew to become a goal of a phishing assault when a hacker claimed to have obtained the private info of 48.5 million customers of a COVID well being cell app run by town of Shanghai. This is the second declare of a breach of the Chinese monetary hub’s knowledge in simply over a month.

The hacker with the username “XJP” posted a suggestion to promote the info for $4,000 (roughly Rs. 3,20,000) on the hacker discussion board Breach Forums final week.

The particular person supplied a pattern of the info together with the cellphone numbers, names, Chinese identification numbers, and well being code standing of 47 individuals.

Eleven of the 47 reached by Reuters confirmed they had been listed within the pattern, although two mentioned their identification numbers had been flawed. Reuters was unable to additional confirm the authenticity of the hacker’s declare.

© Thomson Reuters 2022