Signal Fears Hackers May Have Accessed Phone Numbers of 1,900 Users

Encrypted messaging service Signal stated the cellphone numbers of 1,900 customers may have been revealed in a phishing assault on Twilio Inc, its verification providers supplier, earlier this month.

The attacker may even have accessed the SMS verification code used to register with Signal, however message historical past, profile info and get in touch with lists weren’t revealed, the corporate stated in a blog post on Monday.

“An attacker could have attempted to re-register number to another device or learned that their number was registered to Signal,” it stated.

Twilio, which disclosed the assault earlier this month, stated it has been working along with Signal to assist their investigation.

The San Francisco, California-based firm counts over 256,000 companies, together with Ford Motor, Mercado Libre, and HSBC, amongst its prospects.

China lately turned a goal of a phishing assault when a hacker claimed to have obtained the non-public info of 48.5 million customers of a COVID well being cell app run by the town of Shanghai. This is the second declare of a breach of the Chinese monetary hub’s knowledge in simply over a month.

The hacker with the username “XJP” posted a proposal to promote the information for $4,000 (roughly Rs. 3,20,000) on the hacker discussion board Breach Forums final week.

The individual offered a pattern of the information together with the cellphone numbers, names, Chinese identification numbers, and well being code standing of 47 folks.

Eleven of the 47 reached by Reuters confirmed they have been listed within the pattern, although two stated their identification numbers have been improper. Reuters was unable to additional confirm the authenticity of the hacker’s declare.

© Thomson Reuters 2022