Summary

  • Authy is a 2FA app that recently suffered a data breach that exposed more than 33 million phone numbers.
  • An unsecured API endpoint allowed threat actors to collect linked numbers.
  • If you think your personal information might be among the 33 million leaked numbers, consider securing your accounts with 2FA and be wary of SMS phishing attacks.
  • @Substance_P
    103 months ago

    Wouldn’t it be great if independent auditors were standard, responsible for holding companies accountable for their data security practices, coupled with a rating system akin to those used in the banking sector? Before paying for a service, consumers would be aware of how secure the service is. Say A++ or AAA.

    It would be a pain in Silicon Valley’s ass for sure, but it would go a long way toward giving consumers peace of mind and bringing about a whole new industry in the process.

    • ddonuts4
      23 months ago

      This is already a thing but I believe it’s mostly only used by government institutions.

      Google ISO 27001, NIST CSF, FedRAMP, PCI DSS, SOC 2, HIPAA

    • Carighan Maconar
      23 months ago

      coupled with a rating system akin to those used in the banking sector

      No. No, that really would not be great.

    • @[email protected]
      13 months ago

      Rating schemes inevitably become subject to gaming and P2W.

      Service providers need to be honest about their stack and its implementation, and people need to git gud.