Security Incident Report: Authy 2FA/TOTP Compromise - 08/22

Modified on Tue, Aug 9, 2022 at 10:31 AM

Good morning,

I am writing to all of you to inform you of a potential vulnerability that was brought to our attention here at Rustin Tech Tuesday morning (08/09/2022). There was a Cybersecurity incident disclosed by Twilio (creators of Authy) that may impact anyone who has used their products. If you have ever used Authy or another Twilio product please focus on moving your data today. Authy was commonly used for authentication codes, and if you use Authy please switch to another authentication app. While we are unsure what Data is compromised it is recommended that you take action immediately in the event that the attack is broad in reach. 

Here at Rustin we have no client data stored in Authy and we currently have no reason to believe that any customers have been affected. If we have any individual concerns regarding your organization and its cybersecurity we will be in touch as soon as possible. You will be updated with any further updates if necessary. 


As a reminder, if you or anyone in your organization has any emergency concerns or you believe you're facing a Cybersecurity threat please email [email protected].


Twilio's Article: Incident Report: Employee and Customer Account Compromise - August 4, 2022 (twilio.com)



Thank you for your patience and understanding.


Ryan Keenan, MTA AZ-900

IT Consultant

(267) 817-5942

[email protected]

www.rustintech.com

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article