wp-plugin-hostgator domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home4/scienrds/scienceandnerds/wp-includes/functions.php on line 6114ol-scrapes domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home4/scienrds/scienceandnerds/wp-includes/functions.php on line 6114Source: https:\/\/www.theverge.com\/2022\/8\/15\/23306949\/signal-messaging-app-sms-twilio-data-breach-security-privacy<\/a> A data breach earlier this month affecting Twilio<\/a>, a gateway that helps web platforms communicate over SMS or voice, may have had repercussions for users of Signal, the encrypted messaging platform. Today, Signal announced<\/a> it has alerted 1,900 users that their accounts were potentially revealed to whoever hacked Twilio and said that the attackers searched for three specific numbers during the time they had access. <\/p>\n So far, Signal says it has heard from one of those three users that the attackers used their Twilio access to re-register a new device associated with their number, which would allow them to send and receive messages from that account.<\/p>\n According to Signal, \u201cmessage history, contact lists, profile information, whom they\u2019d blocked, and other personal data\u201d for all users remained secure. However, if someone was among the users potentially revealed, and they don\u2019t use Signal\u2019s Registration Lock<\/a> setting that requires their PIN<\/a> to add a new device, then an attacker could\u2019ve re-registered their account.<\/p>\n We have identified and are contacting the 1,900 potentially affected users. We are prompting them to re-register their Signal numbers and encouraging them to enable registration lock. We are also working with Twilio to ensure they upgrade their security practices. 3\/<\/p>\n \u2014 Signal (@signalapp) August 15, 2022<\/a>\n<\/p><\/blockquote>\n<\/div>\n<\/div>\n Signal is sending messages with a link to its support page for potentially affected accounts, as well as unregistering all devices connected to those accounts, and said it will be done with this process by tomorrow.<\/p>\n Summary<\/strong><\/p>\n Recently Twilio, the company that provides Signal with phone number verification services, suffered a phishing attack<\/a>. Here\u2019s what our users need to know:<\/p>\n All users can rest assured that their message history, contact lists, profile information, whom they\u2019d blocked, and other personal data remain private and secure and were not<\/strong> affected.<\/p>\n For about 1,900 users, an attacker could have attempted to re-register their number to another device or learned that their number was registered to Signal. This attack has since been shut down by Twilio. 1,900 users is a very small percentage of Signal\u2019s total users, meaning that most were not affected.<\/p>\n We are notifying these 1,900 users directly, and prompting them to re-register Signal on their devices. If you received an SMS message from Signal with a link to this support article, please follow these steps<\/strong>:<\/p>\n Open Signal on your phone and register your Signal account again if the app prompts you to do so.<\/p>\n To best protect your account, we strongly recommend that you enable registration lock<\/a> in the app\u2019s Settings. We created this feature to protect users against threats like the Twilio attack.<\/p>\n<\/blockquote>\n<\/div>\n
\n
<\/br><\/code><\/p>\n\n
\n