August 17, 2022

About 1,900 phone numbers of Signal users were potentially exposed in the Twilio’s data breach. Twilio, a cloud communications company, suffered a cyberattack on August 4 that led to the exposure of data belonging to 125 of its customers.

In order to gain access to Twilio’s servers, the hackers used malicious text messages to gain access to the accounts of Twilio employees.

Signal posted a notice informing users of the incident. Signal investigations into the incident revealed that the hacker’s access to Twilio’s customer support console either enabled them to see that the phone number was linked to Signal account or revealed the SMS verification code for registering with the service.

“All users can rest assured that their message history, contact lists, profile information, whom they’d blocked, and other personal data remain private and secure and were not affected. During the window when an attacker had access to Twilio’s customer support systems it was possible for them to attempt to register the phone numbers they assessed to another device using the SMS verification code. The attacker no longer has this access, and the attack has been shut down by Twilio,” Signal said.

Signal pointed out that all affected 1,900 Signal users will be logged off on all devices, and they should go through the registration process on their devices.

The sources for this piece include an article in BleepingComputer.