LF Europe’s Project Sylva wants to create an open source telco cloud stack

The Linux Foundation Europe (LF Europe) — the recently launched European offshoot of the open source Linux Foundation — today announced the launch of Project Sylva, which aims to create an open source telco cloud framework for European telcos and vendors. This is the first project hosted by LF Europe and is a good example of what the organization is trying to achieve.

The project aims to create a production-grade open source telco cloud stack and a common framework and reference implementation to “reduce fragmentation of the cloud infrastructure layer for telecommunication and edge services.” Currently, five carriers (Telefonica, Telecom Italia, Orange, Vodafone and Deutsche Telekom) and two vendors (Ericsson and Nokia) are working on the project.

“There’s a whole bunch of Linux Foundation networking projects already that have taken telecommunications into the open source era,” Arpit Joshipura, the general manager for Networking, Edge and IoT at the Linux Foundation, told me. “All those projects are under what is called the [LF] Networking foundation. […] So whatever that work is that is done by the telcos, Sylva is going to leverage and build on top of it with these European vendors to solve EU specific requirements. Those are security, energy, federated computing, edge and data trust.”

At the core of Sylva is a framework for a compute platform that can be agnostic to whether a workload is running on the telco access network, edge or in the core. The project aims to build a reference implementation, leveraging all of the work already being done by LF Networking, the Cloud Native Computing Foundation (the home of Kubernetes and other cloud-native infrastructure projects), LF Energy and others.

All of this, of course, is done with a focus on the EU’s goals around security, data privacy and energy management, but even though the project has this EU focus, the overall ambition is broader and goes well beyond the European Union. Many of these regulations, after all, will make it to other markets as well.

“Linux Foundation, Europe allows us to focus more on specific regional requirements, but without those siloes and fragmentation that foster that techno-nationalism, if you want to call it that, by really being able to foster local collaboration and then, pushing that stuff upstream gives us this amazing conduit to go across borders,” explained Gabriele Columbro, the general manager of the Linux Foundation Europe.

The vendors joining the project all argue that they are doing so in order to reduce fragmentation as the industry moves to a cloud-centric model and to enable interoperability between different platforms.

“The Telco Cloud ecosystem today is fragmented and slowing down our operational model transformation. Despite a transition to cloud native technologies, a real interoperability between workloads and platforms remains a challenge,” said Laurent Leboucher, group CTO and SVP, Orange Innovation Networks. “Indeed, operators have to deal with a lot of vertical solutions that are different for each vendor, leading to operational complexity, lack of scalability and high costs. Sylva, by providing a homogenous telco cloud framework for the entire industry, should help all the ecosystem to use a common technology, which will be interoperable, flexible and easy to operate.”

LF Europe’s Project Sylva wants to create an open source telco cloud stack by Frederic Lardinois originally published on TechCrunch

Twilio hack investigation reveals second breach, as the number of affected customers rises

U.S. messaging giant Twilio confirmed it was hit by a second breach in June that saw cybercriminals access customer contact information.

Confirmation of the second breach — carried out by the same “0ktapus” hackers that compromised Twilio again in August — was buried in an update to a lengthy incident report that Twilio concluded on Thursday.

Twilio said the “brief security incident,” which occurred on June 29, saw the same attackers socially engineer an employee through voice phishing, a tactic whereby hackers make fraudulent phone calls impersonating the company’s IT department in an effort to trick employees into handing over sensitive information. In this case, the Twilio employee provided their corporate credentials, enabling the attacker to access customer contact information for a “limited number” of customers.

“The threat actor’s access was identified and eradicated within 12 hours,” Twilio said in its update, adding that customers whose information was impacted by the June Incident were notified on July 2.

When asked by TechCrunch, Twilio spokesperson Laurelle Remzi declined to confirm the exact number of customers impacted by the June breach and declined to share a copy of the notice that the company claims to have sent to those affected. Remzi also declined to say why Twilio has only just disclosed the incident.

Twilio also confirmed in its update that the hackers behind the August breach accessed the data of 209 customers, an increase from 163 customers it shared on August 24. Twilio has not named any of its impacted customers, but some — like encrypted messaging app Signal — have notified users that they were affected by Twilio’s breach. The attackers also compromised the accounts of 93 users of Authy, the two-factor authentication app Twilio acquired in 2015.

“There is no evidence that the malicious actors accessed Twilio customers’ console account credentials, authentication tokens, or API keys,” Twilio said about the attackers, which maintained access to Twilio’s internal environment for two days between August 7 and August 9, the company confirmed.

The Twilio breach is part of a wider campaign from a threat actor tracked as “0ktapus,” which targeted at least 130 organizations, including Mailchimp and Cloudflare. But Cloudflare said the attackers failed to compromise its network after having their attempts blocked by phishing-resistant hardware security keys.

As part of its efforts to mitigate the efficacy of similar attacks in the future, Twilio has announced that it will also roll out hardware security keys to all employees. Twilio declined to comment on its rollout timeline. The company says it also plans to implement additional layers of control within its VPN, remove and limit certain functionality within specific administrative tooling, and increase the refresh frequency of tokens for Okta-integrated applications.

Twilio hack investigation reveals second breach, as the number of affected customers rises by Carly Page originally published on TechCrunch

Optus, Australia’s second largest telco, says customer data exposed in data breach

Australia telecoms giant Optus said current and former customer data was accessed following a cyberattack on its systems.

Optus said in a press release on Thursday that an unspecified number of customer names, dates of birth, phone numbers, email addresses, and addresses and identity document numbers, such as driver’s license or passport numbers, were taken in the breach.

The telco did not say when the breach took place, but said it believes the incident is over.

Optus is a subsidiary of Singapore-owned Singtel and is Australia’s second largest telecoms company, with about 10 million customers.

The Australian Signals Directorate, the country’s equivalent of the U.S. National Security Agency, was notified about the incident.

Telecom, phone and cell giants are a frequent target for their role in any country’s critical infrastructure. Nation-state-backed hackers are known to break into telcos seeking phone records for spying on critics and conducting espionage, while criminal hackers, like SIM-swappers, often rely on breached data and insider access to carry out social engineering attacks that convince customer support or employees to hand over access to their systems.

Optus is the latest major telco hit by hackers in recent years. In 2015, Australian telco Telstra said its undersea cable company Pacnet’s internal network had been compromised for weeks, with hackers accessing its email and other internal business systems.

In the United States, T-Mobile disclosed its seventh network breach earlier this year, after hackers with the Lapsus$ cybercrime group stole the telco’s source code. Last year, the second largest cell carrier in the U.S. said at least 47 million customers had personal information stolen by hackers.

Optus, Australia’s second largest telco, says customer data exposed in data breach by Zack Whittaker originally published on TechCrunch

Huawei offers satellite SOS in China where Apple’s is unavailable

A day before Apple unveiled its highly anticipated satellite-powered SOS feature for iPhone 14, Huawei announced its own equivalent.

The Chinese telecoms equipment and smartphone giant said its flagship Mate 50 series will support texting via satellite communication. The feature is made possible by Beidou, China’s own navigation alternative to the U.S. government-owned Global Positioning System.

Sending messages via satellite signal isn’t a particularly new technology. But it’s the first time this feature of Beidou’s has been implemented in consumer-facing smartphones, Huawei said. Users will be able to send messages and their geographic coordinates using a special app and generate a map of their path, all while a cellular connection is unavailable.

The SOS communication feature is perhaps more useful in the U.S. where it’s easy to go off-the-grid — either because people choose to while camping or simply because there is no cellular coverage. Anyone who’s tried to seek real wilderness in China knows how often they end up on 5G-covered paved ways (with stairs and handrails!) instead of trails inside spectacular national reserves.

This new buzzy satellite function won’t likely save Huawei from its own troubles. The behemoth’s market share has taken a hit globally ever since the U.S. cut it off from core Android services and advanced chip supplies. It’s suffered at home, too, as it fell out of the top five brands in China last year, according to data from Counterpoint. Apple ranked fifth in Q2 in China with 13% of the country’s shipment volume.

Apple’s SOS satellite option is only available in the U.S. and Canada for now, while Huawei’s only works in mainland China. The divide has led a Chinese tech analyst to allude to the technological decoupling between the U.S. and China: “This situation [of the two handset giants each providing the SOS feature in their own country] is a metaphor for our world today.”

But ties between the two tech superpowers have been harder to untangle than many have expected. As the New York Times reported this week:

More than ever, Apple’s Chinese employees and suppliers contributed complex work and sophisticated components for the 15th year of its marquee device, including aspects of manufacturing design, speakers and batteries, according to four people familiar with the new operations and analysts. As a result, the iPhone has gone from being a product that is designed in California and made in China to one that is a creation of both countries.

Huawei offers satellite SOS in China where Apple’s is unavailable by Rita Liao originally published on TechCrunch

Firewalla launches the Gold Plus, its new 2.5 Gigabit firewall

Firewalla, maybe the only company that can say that its hardware firewalls have something of a cult following, today announced the latest addition to its portfolio: the $569 Firewalla Gold Plus. The Gold Plus will feature four 2.5 Gigabit Ethernet interfaces and its deep packet inspection hardware can handle up to 5 Gigabits at a time.

With this addition, Firewalla now offers a full set of products from the 100 Mbit Red (which is probably too slow for most users at this point) to the $329 Purple with up to a Gigabit of inspection bandwidth — and a few other variants in between and now the Gold Plus at the top end of the line. The regular Firewalla Gold will set you back $485 during the pre-buy phase, but its inspection hardware can handle up to 3 Gigabits of data.

The Gold Plus is something of a flagship device for Firewalla, being the most expensive and capable of its combined firewall and router devices yet.

With its four 2.5 Gigabit ethernet interfaces and 5 Gigabits of inspection capabilities, it’s likely overkill for home users. The Purple — and maybe even the Blue Plus — would be more than capable for most homes. The Firewalla team, however, also argues that as home internet speeds increase beyond 1 Gigabit per second, a 2.5 Gigabit firewall and router may just be a good investment for the future.

My guess is that most of the buyers here will be small businesses, though. For them, the Gold Plus may just represent the right size for their needs (or the size they may soon grow into), before opting for more expensive and harder to manage enterprise devices.

“If a router can’t match the speed of an internet connection, users are leaving value and speed on the table,” said Jerry Chen, founder of Firewalla. “Firewalla Gold Plus is perfect for the fast internet of the future and helps secure home networks and small businesses. We’re seeing many people upgrade their internet service and Firewalla Gold Plus can meet those speeds, future-proof their network architecture, and is compatible with WiFi 6E routers.”

When I tried Firewalla’s Purple router in the past, I was impressed by how easy it was to manage the basics of my home network without losing the ability to dig very deep into the settings and customize every aspect of the network. In part, that’s why Firewalla has such a dedicated following, I think. It’s easy enough to get started but doesn’t hold you back when you want to go beyond the basics. That’s fun and useful for many home users but often essential for businesses.

The new Firewalla Gold Plus is now available for pre-order (and its price will likely go up after the pre-order phase). The devices will start shipping in January 2023, though if the company hits a certain number of pre-orders, it’ll be able to pull this date forward.

Twilio hackers breached over 130 organizations during months-long hacking spree

The hackers that breached Twilio earlier this month also compromised over 130 organizations during their hacking spree that netted the credentials of close to 10,000 employees.

Twilio’s recent network intrusion allowed the hackers to access the data of 125 Twilio customers and companies — including end-to-end encrypted messaging app Signal — after tricking employees into handing over their corporate login credentials and two-factor codes from SMS phishing messages that purported to come from Twilio’s IT department. At the time, TechCrunch learned of phishing pages impersonating other companies, including a U.S. internet company, an IT outsourcing company and a customer service provider, but the scale of the campaign remained unclear.

Now, cybersecurity company Group-IB says the attack on Twilio was part of a wider campaign by the hacking group it’s calling “0ktapus,” a reference to how the hackers predominantly target organizations that use Okta as a single sign-on provider.

Group-IB, which launched an investigation after one of its customers was targeted by a linked phishing attack, said in findings shared with TechCrunch that the vast majority of the targeted companies are headquartered in the U.S. or have U.S.-based staff. The attackers have stolen at least 9,931 user credentials since March, according to Group-IB’s findings, with more than half containing captured multi-factor authentication codes used to access a company’s network.

“On many occasions, there are images, fonts, or scripts that are unique enough that they can be used to identify phishing websites designed with the same phishing kit,” Roberto Martinez, a senior threat intelligence analyst at Group-IB, told TechCrunch. “In this case, we found an image that is legitimately used by sites leveraging Okta authentication, being used by the phishing kit.”

“Once we located a copy of the phishing kit, we started digging deeper to get a better understanding of the threat. The analysis of the phishing kit revealed that it was poorly configured and the way it had been developed provided an ability to extract stolen credentials for further analysis,” said Martinez.

While it’s still not known how the hackers obtained phone numbers and the names of employees who were then sent SMS phishing messages, Group-IB notes that the attacker first targeted mobile operators and telecommunications companies and “could have collected the numbers from those initial attacks.”

Group-IB wouldn’t disclose the names of any of the corporate victims but said the list includes “well-known organizations,” most of which provide IT, software development and cloud services. A breakdown of the victims shared with TechCrunch shows that the threat actors also targeted 13 organizations in the finance industry, seven retail giants, and two video game organizations.

During its investigation, Group-IB discovered that code in the hacker’s phishing kit revealed configuration details of the Telegram bot that the attackers used to drop compromised data. (Cloudflare first revealed the use of Telegram by the hackers.) Group-IB identified one of the Telegram group’s administrators who goes by the handle “X,” whose GitHub and Twitter handles suggest they may reside in North Carolina.

Group-IB says it’s not yet clear if the attacks were planned end-to-end in advance or whether opportunistic actions were taken at each stage. “Regardless, the 0ktapus campaign has been incredibly successful, and the full scale of it may not be known for some time,” the company added.

The Moscow-founded startup Group-IB was co-founded by Ilya Sachkov, who was the company’s chief executive until September 2021 when Sachkov was detained in Russia on charges of treason after allegedly transferring classified information to an unnamed foreign government, claims Sachkov denies. Group-IB, which has since moved its headquarters to Singapore, maintains the co-founder’s innocence.

Oppo stays ‘committed’ to Europe despite sales suspension in Germany

Chinese smartphone titan Oppo will keep Germany as its main operational hub for its European business despite recently withdrawing sales from the country, Billy Zhang, the firm’s vice president of overseas sales and services, told media on Monday.

Oppo halted sales in Germany this month after losing a patent lawsuit to the Finnish telecoms giant Nokia, which alleged that Oppo’s use of certain 4G and 5G signaling technologies had infringed on its patents.

OnePlus, which was folded into Oppo as a sub-brand last year, has also suspended sales in Germany.

Realme, a young phone brand associated with the Chinese electronics behemoth BBK, which is also credited for spawning Oppo, Vivo, and OnePlus, said it is “closely monitoring the situation” of Oppo’s patent challenges in Germany, Madhav Sheth, president of Realme’s international business group, said on a press call in early August.

Germany is a popular regional base for Chinese tech companies’ Europe expedition. Huawei’s European head office is in Düsseldorf. Autonomous driving unicorn Momenta picked Stuttgart as its first overseas stop to be close to its automaking partners.

Back in 2020, Oppo opened its European headquarters in Düsseldorf.

“Our long-term commitment to the European and German markets stays the same,” Zhang said on the call. “There isn’t an impact on our choice of office location, and the German office, where our European hub is located, will operate as usual.”

The smartphone maker accounted for 5% of Europe’s smartphone shipments in the second quarter, putting it in fourth place, according to research firm Counterpoint. Oppo is able to keep serving its existing customers in Germany, Zhang reassured, though some products have been put on hold over Oppo-owned channels in the country.

Though Oppo isn’t shaking up its German office, it’s making broader changes across the continent. Starting in August, the company will integrate certain resources from Central and Eastern Europe with those of Western Europe, Zhang said.

Such internal reorg can potentially cut costs and comes as no surprise amid global economic headwinds. Smartphone shipments worldwide fell 9% in Q2, according to research from Canalys, with Oppo and its rivals Xiaomi and Vivo posting double-digit declines in their home market China.

It remains to be seen how rivalry plays out between China’s smartphone darlings overseas. Realme has rapidly grown its piece of the pie in Europe, finishing Q2 in fifth place by shipment volume.

“We have big aspirations in Europe for sure. We will continue to grow, and we would like to be in the top three or five in a lot of countries,” said Sheth.

Venue raises $4M from Accel and the CEOs of Slack, Remote, and SquareSpace to give team-wide video meetings a new breath of life

Zoom has in many ways “won” the mindshare game when it comes to video conferencing: whether you’re actually using Zoom, or another service that’s wrapped into another platform like Google or Microsoft, and whether it’s for work or fun, the standalone Zoom is the one that people reference, the one that has claimed anthimeric status.

But for those who use Zoom, or Google’s Meet, Microsoft’s Teams, or something else, you’ll know that they still lack in certain scenarios. Today a startup called Venue built to plug one of those gaps — larger team meetings — is setting out its stall to compete, with a video conferencing platform that brings in a host of personalization and other features from consumer communication apps to make it more engaging. These include emoji bursts, the ability to set background music and backgrounds, easy tools to share videos and other media, gifs, and multi-functional control panels that mimic those that appear in streaming platforms like Twitch.

“Our clients have told us that if Slack made video conferencing for team meetings, this is what it might look like,” said Jason Goldlist, who co-founded the company with Frank Poon, in an interview with me (which took place, naturally, on Venue).

The Toronto-based startup has been in private beta for the past two years, first as a bootstrapped business and then as part of the Y Combinator Winter 2022 cohort.

In that time, it’s picked up some very interesting traction. Its customers include Yelp, Shopify, and PwC; and it’s so far hosted more than 5 million minutes of meetings and 250,000 participants in aggregate.

And now it’s announcing $4 million in seed funding from an impressive list of backers: led by Accel, the group also includes Stewart Butterfield, the CEO and co-founder of none other than Slack (he is investing directly, the investment is not coming from the Slack Fund, and this is the video pitch, in Venue, that Goldlist used to pitch him); SquareSpace founder and CEO Anthony Casalena; and the founder and CEO of Remote.com, Job van der Voort.

Venue will be using the funding both for more product development, and also to scale its infrastructure to work with more customers.

Venue’s basic pitch is that it’s not another video conferencing platform. As Goldlist told me the other day, the aim is not to replace Zoom, Meet, Teams or the others, which are perfectly serviceable for one-on-one or small group virtual gatherings.

“We see Zoom as the Craigslist of video conferencing,” he said. “You will always have people who will use it.

“Our role is not to out-Zoom Zoom,” he continued. “It’s to pick our niche and to execute really well. There is a specific set of use cases and Venue is the best at and no one focuses the way we do on the all hands, the town halls, the AMAs, especially for remote or highly distributed companies.”

Borrowing from the wider world of consumer apps, its aim is to give users more control and thus make video meetings on the platform less abstract. Emoji reactions, background music, dynamic backgrounds, video bubbles, and a wide set of chat tools are among the bells and whistles that Venue believes will keep users interested, and keep organizations on board as customers.

Winning people over with bells and whistles seems to have worked so far. The startup says that there have been over 2 million emoji reactions “blasted to presenters” and that more than 30,000 one-on-one connections have been made between users on Venue to date.

Venue’s emergence from private beta is coming with some momentum for sure, but also — for the video call weary among us — maybe some malaise. Much of the world has inched away from many of the trappings of life in the throes of Covid-19 — local authorities are imposing fewer rules about face masks, travel and being in groups; offices are opening up again; and some of our e-commerce habits are tailing off in favor of shopping, eating out or doing other things in person.

Video conferencing hasn’t exactly died in recent months, but we are definitely entering a more sober phase after the heady months of 2020 and 2021. Even Zoom has felt the pinch. Although the company met analyst expectations for revenues and beat on earnings in its last financial quarter, it’s been feeling the pinch of a tough market for tech stocks.

Most recently, Citi downgraded Zoom’s stock in the face of growing competition from bigger platforms (Microsoft being especially aggressive with business customers, picking up some interesting partners in the process such as Workplace, the enterprise version of Facebook from Meta), and Zoom itself has been working on a new strategy to double down once more on its bread-and-butter enterprise base after finding that monetizing all those dinner parties and calls among friends was going nowhere fast.

All of that means not just a trickier climate for all video conferencing apps, but also a lot more competition for smaller players among those bigger companies with the resources to build in the tools they lack today.

But although many work practices, including remote working and virtual meetings, definitely opened up in the last couple of years, Goldlist points out that the use case for better, larger team meetings is not something that materialized during / after Covid-19. He points specifically to the costs and clunky nature of traditional video conferencing systems.

“The price of running an all-hands [for a company with employees in more than one place] is extraordinary,” he said. Doing “back of the napkin math”, said Goldlist, the cost for a meeting for 1,000 people for an hour is upwards of $50,000. That is not equipment investments per se. “It’s a huge cost to interrupt people in the middle of the day to have a meeting,” he said. “These are expensive things. You need to make them unique.”

The fact that there are still so many moments when video meetings don’t feel ideal is likely a strong enough reason for investors to place a bet on one in an early stage that has picked up some users, and is seeing some momentum with the wider startup community.

“Too often all hands and large meetings are inefficient and costly. Historically, it’s been hard to produce highly engaging meetings for large groups – the tools and technology haven’t supported it. But Venue is now making top-tier production value simple and accessible,” said Sara Ittelson, a partner at Accel, in a statement.

Signal says 1,900 users’ phone numbers exposed by Twilio breach

End-to-end encrypted messaging app Signal says attackers accessed the phone numbers and SMS verification codes for almost 2,000 users as part of the breach at communications giant Twilio last week.

Twilio, which provides phone number verification services to Signal, said on August 8 that malicious actors accessed the data of 125 customers after successfully phishing multiple employees. Twilio did not say who the customers were, but they are likely to include large organizations after Signal on Monday confirmed that it was one of those victims.

Signal said in a blog post Monday that it would notify about 1,900 users whose phone numbers or SMS verification codes were stolen when attackers gained access to Twilio’s customer support console.

“For about 1,900 users, an attacker could have attempted to re-register their number to another device or learned that their number was registered to Signal,” the messaging giant said. “Among the 1,900 phone numbers, the attacker explicitly searched for three numbers, and we’ve received a report from one of those three users that their account was re-registered.”

While this didn’t give the attacker access to message history, which Signal doesn’t store, or contact lists and profile information, which is protected by the user’s security PIN, Signal said “in the case that an attacker was able to re-register an account, they could send and receive Signal messages from that phone number.”

For those affected, the company says it will unregister Signal on all devices that the user is currently using — or that an attacker registered them to — and will require users to re-register Signal with their phone number on their preferred device. Signal also advises users to switch on registration lock, a feature that prevents an account from being re-registered on another device without the user’s security PIN.

Although the Twilio breach impacts a fraction of Signal’s 40 million-plus users, users have long bemoaned how Signal — considered one of the most secure messaging apps — requires users to register a phone number to create an account. Other end-to-end encryption apps, such as Wire, allow users to sign up with a username. While Signal has slowly moved to end its reliance on phone numbers, such as with the introduction of Signal PINs in 2020, this incident will likely reignite calls for it to move faster.

Twilio hacked by phishing campaign targeting internet companies

Communications giant Twilio has confirmed hackers accessed customer data after successfully tricking employees into handing over their corporate login credentials. 

The San Francisco-based company, which allows users to build voice and SMS capabilities — such as two-factor authentication (2FA) — into applications, said in a blog post published Monday that it became aware that someone gained “unauthorized access” to information related to some Twilio customer accounts on August 4.

Twilio has more than 150,000 customers, including Facebook and Uber.

According to the company, the as-yet-unidentified threat actor convinced multiple Twilio employees to hand over their credentials, which allowed access to the company’s internal systems.

The attack used SMS phishing messages that purported to come from Twilio’s IT department, suggesting that the employees’ password had expired or that their schedule had changed, and advised the target to log in using a spoofed web address that the attacker controls. 

Twilio said that the attackers sent these messages to look legitimate, including words such as “Okta” and “SSO,” referring to single sign-on, which many companies use to secure access to their internal apps. (Okta was itself hit by a breach earlier this year, which saw hackers gain access to its internal systems.) Twilio said it worked with U.S. carriers to stop the malicious messages, as well as registrars and hosting providers to shut down the malicious URLs used in the campaign.

But the company said the threat actors seemed undeterred. “Despite this response, the threat actors have continued to rotate through carriers and hosting providers to resume their attacks,” Twilio’s blog post said. “Based on these factors, we have reason to believe the threat actors are well-organized, sophisticated and methodical in their actions.”

TechCrunch has since learned that the same actor also set up phishing pages impersonating other companies, including a U.S. internet company, an IT outsourcing company and a customer service provider, though the impact on these organizations — if any — isn’t currently known.

When reached, Twilio spokesperson Laurelle Remzi declined to say how many customers were affected or what data was accessed by the threat actors. Twilio’s privacy policy says the information it collects includes addresses, payment details, IP addresses, and in some cases proof of identity.

Twilio said since the attack, it has revoked access to the compromised employee accounts and has increased its security training to ensure employees are on “high alert” for social engineering attacks. The company said it has begun contacting affected customers on an individual basis.