Cryptocurrency
Security Breach in Authy App Database Exposes Phone Numbers
Thursday. July 4 at 7:30 PM
1 min. readA security breach in the Authy Android app's database allowed hackers to access phone numbers associated with accounts, as reported in a July 1 alert by Twilio, the app's developer. While user accounts were not compromised, the exposed phone numbers could be used for phishing attacks in the future. Authy, commonly used for two-factor authentication on centralized exchanges like Gemini and Crypto.com, has since secured the vulnerable endpoint and urged users to update the app for enhanced security. The breach, attributed to the ShinyHunters group, highlights the ongoing threat of SIM swap attacks, where attackers manipulate phone companies to gain control of users' phone numbers. To safeguard against such threats, users are advised to switch to authenticator apps for secure 2FA code delivery.