时间:2025-04-02 19:22:29 来源:网络整理编辑:綜合
On Monday, Signal, often viewed as the most secure messaging app, shared that a security breach of i
On Monday,Signal, often viewed as the most secure messaging app, shared that a security breach of its phone number verification service provider affected 1,900 of its users. Due to the breach, these users' phone numbers were exposed.
Tweet may have been deleted
According to Signal's post detailing the situation, the provider, Twilio, was targeted in a phishing attack. In Twilio's own postexplaining the situation, the company says it was a "sophisticated social engineering attack designed to steal employee credentials." The attack was successful in obtaining credentials from some of Twilio's employees. Twilio says that around 125 of its customers had data compromised during the attack. One of these affected customers is Signal.
On the bright side, Signal's reputation as the most secure messaging app is intact thanks to its service being 100 percent end-to-end encrypted. Without access to a Signal user's physical device, a bad actor could not access that user's messaging history. So, any sensitive information that was shared within messages on Signal have not been compromised. Profile data, contact list, and other data also was not compromised, again, thanks to Signal's design.
However, Signal warns that there were issues that arose for the users affected by the breach:
"For about 1,900 users, an attacker could have attempted to re-register their number to another device or learned that their number was registered to Signal. This attack has since been shut down by Twilio."
SEE ALSO:Apple delayed Telegram's iOS app update due to unauthorized use of its emojiAccording to Signal, one of those 1,900 users reported that their account was re-registered on another device without their authorization. Also, as Signal notes, most of its users were not affected at all by the security breach.
That there's been fairly little fallout from this security breach is a testament to Signal's security. But the breach is also a reminder of Signal's one glaring flaw: the requirement that a user registers their phone number to use the messaging service. Signal has previously hinted that it will soon allow people to use usernames instead of their phone number, but there is currently no scheduled roll out for that feature.
TopicsCybersecurity
Daughter gives her 1002025-04-02 19:17
不能忍!球隊遭絕平 前狼隊門將把丟球的隊友掐倒在地2025-04-02 19:11
比賽日:狼隊連進三球32025-04-02 19:08
國米VS拉齊奧前瞻:小因迎戰老東家 哲科PK因莫比萊2025-04-02 19:04
Two astronauts just installed a new parking spot on the International Space Station2025-04-02 18:55
法國名宿:梅西不該拿金球獎 因為他在西超杯染紅2025-04-02 18:48
胡爾克溫情親吻女友孕肚 小女兒取名叫Zaya(圖)2025-04-02 17:56
西媒:沙特財團不僅有意收購國米 還想收購馬賽2025-04-02 17:49
These glasses hide a fitness tracker on your face2025-04-02 17:47
曼城前瞻:麵對送分童子 藍月衝擊英格蘭足壇神紀錄2025-04-02 16:50
Katy Perry talks 'Rise,' her next batch of songs, and how to survive Twitter2025-04-02 19:22
十佳球:薩拉赫1V4破門 曼聯妖鋒穿雲箭 萊萬蠍子擺尾2025-04-02 18:44
曼聯前瞻:紅魔殘陣出擊考驗索帥 C羅或延續火熱狀態2025-04-02 18:20
中國女足主帥競聘麵試結束 未來一周足協將官宣2025-04-02 18:17
We asked linguists if Donald Trump speaks like that on purpose2025-04-02 18:10
曝C羅施壓索帥:每輪聯賽都首發 來曼聯隻為奪獎杯2025-04-02 17:51
否認傳聞!穆帥無意執教紐卡 直言100%專注於羅馬2025-04-02 17:50
C羅僅1射正進攻端碌碌無為 馬奎爾多次失誤釀丟球2025-04-02 17:46
Early Apple2025-04-02 17:40
足協杯廣東4隊出征剩獨苗 中超爭冠組一半止步2025-04-02 16:45