Signal Reveals Over 1900 Users Were Affected in a Recent Phishing Attack

If you are asking around for a privacy first instant messenger recommendation, you would hear the name Signal a lot. Signal is an open source end-to-end encrypted messaging app, recommended by the likes of Elon Musk and Edward Snowden. Alas! nothing is yet so safe on the internet as Signal users recently suffered from a phishing attack.

More specifically, current and former employees recently reported receiving text messages purporting to be from our IT department. Typical text bodies suggested that the employees passwords had expired, or that their schedule had changed, and that they needed to log in to a URL the attacker controls. The URLs used words including Twilio, Okta, and SSO to try and trick users to click on a link taking them to a landing page that impersonated Twilios sign-in page.

Twilio Blog on the Recent Attack

Signal uses a third party company, Twilio, for phone number verification services. Twilios customer support console was apparently maliciously accessed through a sophisticated social engineering attack. The attackers were able to steal employee credentials, and used it to access the support console.

Twilio initially claimed that 125 of their customers were affected by the phishing attack. But Signal in a recent follow-up claimed that approximately 1,900 of their users were affected. For the 1900 users, their phone numbers could have been potentially revealed as being tied to a signal account, and even the SMS verification codes used for that registration.

Signal also revealed that among the 1900 phone numbers, the attackers explicitly searched for three numbers, with one of user accounts being re-registered. Thankfully, that is the full extent of the recent phishing attack, and the attackers didnt have any access to any message history, profile information, or contact lists.

Signal is meanwhile notifying all the potentially affected users directly through SMS. For everyone else, Signal highly recommends turning on registration lock from their signal account.

Excerpt from:
Signal Reveals Over 1900 Users Were Affected in a Recent Phishing Attack - Appuals

NSA surveillance exposed by Snowden ruled unlawful - BBC - May 25th, 2024
Can Edward Snowden Become the Next CEO of Twitter? Elon Musk is Ready to Give Up - Analytics Insight - May 15th, 2024
Edward Snowden Weighs In On Boeing Whistleblower's Death With Cryptic Message: 'If I Die, It Wasn't Suicide' - TradingView - March 21st, 2024
Edward Snowden Calls Bitcoin 'Most Significant Monetary Advance Since the Creation of Coinage' Featured Bitcoin ... - Bitcoin.com News - February 25th, 2024
Edward Snowden: Bitcoin 'Most Significant Monetary Advance Since the Creation of Coinage' - Decrypt - February 25th, 2024
Edward Snowden's Ominous Warning to the World - Newsweek - January 15th, 2024
Edward Snowden Says Institutions 'Burning The Public's Faith' At Time When AI Can Replace Them: 'A Revolu - Benzinga - January 15th, 2024
Edward Snowden: Bitcoin Safeguard for Pensions and Retirement - CoinGape - January 15th, 2024
Edward Snowden and Jack Dorsey Are Both Asking the Same Question: What Happened in 1971? - Foundation for Economic Education - December 11th, 2023
Edward Snowden - Simple English Wikipedia, the free encyclopedia - October 27th, 2023
Edward Snowden On The NSA, His Book 'Permanent Record' And Life In ... - April 17th, 2023
209-359-17.. located in Merced.. Find Info before it disappears... - April 17th, 2023
Edward Snowden gets Russian passport after swearing oath of allegiance ... - April 8th, 2023
Edward Snowden - Education, Movie & Documentary - Biography - March 5th, 2023
Before sending a voice message, ask if you could say it in writing: How to stop the avalanche of WhatsApp audios - EL PAS USA - February 25th, 2023
Entertainment News Roundup: Sean Penn film 'Superpower' catches Zelenskiy at moment of Russian invasion; And the winner is... London rolls out red... - February 25th, 2023
Edward Snowden Reacts To Elon Musk's 'Pardon' Poll: 'That's A Very Big ... - January 6th, 2023
NSA files decoded: Edward Snowden's surveillance revelations explained ... - December 20th, 2022
Edward Snowden says he feels itch to scale back in to $16.5K Bitcoin - December 20th, 2022
Edward Snowden Offers to Take Over as Twitter CEO for Salary in ... - Investing.com - December 20th, 2022
Where is Edward Snowden? | The Sun - November 25th, 2022
Edward Snowden, Elon Musk Optimistic About Bitcoin Despite FTX Collapse - Crypto Briefing - November 17th, 2022
Snowden's newfound Russian citizenship reignites the debate of privacy versus safety in the US - Tufts Daily - October 15th, 2022
Whistleblower behind Luanda Leaks, Malta Files and Football Leaks on trial - The Shift News - October 15th, 2022
'All The Beauty And The Bloodshed' Trailer: Laura Poitras' Golden Lion Winner Hits US Theaters Later This Fall - The Playlist - October 15th, 2022
NYFF 2022: No Bears, R.M.N., All the Beauty and the Bloodshed | Festivals & Awards - Roger Ebert - October 15th, 2022
From Bin Laden to Al Zawahiri: The evolution of Americas Targeted Killing Strategy - Indian Defence Review - October 15th, 2022
Arundhati Roy on Things that Can and Cannot Be Said: The Dismantling of the World as We Know It - LiveWire - October 7th, 2022
Billion Dollar Harvest: TikTok's Threat to National and Personal Security MARIST CIRCLE - Marist College The Circle - October 7th, 2022
'All the Beauty and the Bloodshed' Review: Politics of the Personal - slantmagazine - September 21st, 2022
Congressional inquiry reveals secret Customs and Border Protection database of U.S. phone records - CyberScoop - September 21st, 2022
The Most Controversial Biopics - IndieWire - September 21st, 2022
VIDEO: Priyanka Chopra celebrated her husband Nick Jonas' birthday like this at the golf course, wrote - News84Media.com - September 21st, 2022
From Bin Laden to Al Zawahiri: The evolution of Americas targeted killing strategy - MyVoice - September 21st, 2022
At German artist Thomas Demands MOCA exhibit, finding the material in the ephemeral - Toronto Star - September 21st, 2022
This is the jungle: Law enforcement slowly waking up to the threat of DeFi exploits - Fortune - September 13th, 2022
Icarus: The Aftermath Review: A Tense and Affecting Real-Life Sequel - Hollywood Reporter - September 13th, 2022
Fourth Amendment: The right to be left alone - Minot Daily News - September 13th, 2022
Opinion | It Is Time to Throw the Monarchies of the World Into the Dustbin of History - Common Dreams - September 13th, 2022
Do the FBI monitor peoples social media activity and online posts? Is it legal? - AS USA - September 5th, 2022
Is Trump the Rosenbergs? - JNS.org - JNS.org - September 5th, 2022
The Patriot Act: Mass Surveillance Before and After 9/11 - Privacy News Online - September 5th, 2022
Can code just be 'disappeared' from the internet? - POLITICO - August 28th, 2022
The Tech Industry Is in Its Whistleblower Era - The Atlantic - August 28th, 2022
History As It Happens: The Espionage Act's sordid origins - Washington Times - August 28th, 2022
The inside story of the CIA vs Russia - Asia Times - August 28th, 2022
'The rebels were sent to a lunatic asylum': These films end differently in China - Euronews - August 28th, 2022
Erik Prince wants to sell you a secure smartphone thats too good to be true - MIT Technology Review - August 20th, 2022
Judge orders DoJ to produce redacted version of affidavit in state secrets investigation of Trump - WSWS - August 20th, 2022
How to Use the Signal App: Tips & Tricks - Online Tech Tips - August 20th, 2022
Ruling Class Turns On Conservative Americans - The American Conservative - August 20th, 2022
Despite resistance, WikiLeaks continues its fight for the truth - Independent Australia - August 20th, 2022
The Republican party has reason to fear the midterms - The Guardian - August 20th, 2022
Government pays arms firm that spied on activists to snoop on all our internet records - The Canary - August 20th, 2022
Why is Australia risking conflict with China? - Asia Times - August 20th, 2022
Edward Snowden, Russia's 'Disinformation Campaign' Drive 'Downhill' Narrative, Says 'Black Swan' Author - Benzinga - August 12th, 2022
What Does All This TV Talk on Big Ten Do for Big 12 and Oklahoma State? - Pokes Report - August 12th, 2022
From Defending the Open Internet to Confronting the Reality of a Fragmented Cyberspace: Reflecting Upon Two CFR Reports on U.S. Goals in Cyberspace -... - August 12th, 2022
US Vows To "aggressively Pursue" Cryptocurrency Mixers - Nation World News - August 12th, 2022
After cryptos crash and NFTs collapse, Web3 idealists race to prove that the dream of decentralization isnt dead - Fortune - August 12th, 2022
Prescribing a New Paradigm for Cyber Competition - War on the Rocks - August 12th, 2022
What is Monero (XMR) Crypto? Is Edward Snowden Behind This Project too? - CryptoTicker.io - Bitcoin Price, Ethereum Price & Crypto News - August 4th, 2022
Russian hackers get the headlines. But China is the bigger threat to many US enterprises. - Protocol - August 4th, 2022
Why Is July 30th National Whistleblower Day? - Privacy News Online - August 4th, 2022
I may have to wait until I'm on my deathbed Panama Papers whistleblower - Namibian - August 4th, 2022
Whatever Happened to the Transhumanists? - Gizmodo Australia - August 4th, 2022
Julian Assange? Heres why I am not a fan of his - The Citizen - August 4th, 2022
Who Is Edward Snowden, the Man Who Spilled the NSA's Secrets? - July 26th, 2022
Why so silent? Edward Snowden has gone underground since Russia's ... - July 26th, 2022
Kids spend the summer in STEM camp - Marketplace - July 26th, 2022
Thomas Demand: The Stutter of History - Announcements - E-Flux - July 26th, 2022
Empire of Hacking: U.S. is the Biggest Threat to Cyber Security - Xinhua - July 26th, 2022
Edward Snowden Says 'We Are All Going To Be Billionaires' But... - Benzinga - Benzinga - July 18th, 2022
Joshua Schulte convicted on all counts in second trial over 2017 leak of Vault 7 cyberwarfare trove published by WikiLeaks - WSWS - July 18th, 2022
SMITHEREENS: Reflections on Bits & Pieces:SMITHERMATAZ. Category: Public Comment from The Berkeley Daily Planet - Berkeley Daily Planet - July 18th, 2022
Full Text of All Articles The Berkeley Daily Planet - Berkeley Daily Planet - July 18th, 2022
As Bear Market Turns All Eyes to Utility, Privacy Stands Poised To Lead Next Crypto Breakout - The Daily Hodl - July 18th, 2022
Yes, data centers use a lot of water. But a Utah company shows it doesn't have to be that way. - Salt Lake Tribune - July 18th, 2022
Edward Snowden - National Whistleblower Center - July 9th, 2022
Commentary: The fight against excessive surveillance continues in Maine and across the country - Press Herald - July 9th, 2022