Topic: Re: Twilio's Authy 2FA app has been breached.
Board: Service Discussion
by tabas on 06/07/2024, 01:36:01 UTC
Thanks for updating their users here. I am not an Authy app user, but their users have to be very careful of unsolicited SMSs that they receive from now on. 33 million phone numbers is a lot, this is a crazy data breach; and these numbers will be sold and resold on the dark web, so there are going to be different attacks from this, especially the SIM swap or simjacking attack.
To be honest, I'm not sure how it works when it asks for personal mobile numbers because other 2FAs don't work like that. But still, those that have it need to be careful.

Crazy times and pretty scary too for the users of the 2-factor authentication app. I think this is a wake-up call for people to start using much better alternatives like Aegis (available only on Android).
It's a bit relieving that they were not able to access all other sensitive data as per the Twilio team's claims, but who knows what else they could be hiding?
Yeah, it's Aegis that's being used by the reputable people here and they're suggesting to use it. People should avoid using Google Auth and Authy nowadays.

I'm one of their users lol. If the only concern is those future spam SMS and phishing attempts, it's useless; unless the security was breached to the extent that malicious attackers hold that confidential security data, then I'll consider migrating to another app.

Talking about migrating, whoever has experience using Bitwarden: I saw it as a recommendation in the comments of that article posted in the OP.
That seems to be the only threat, but still, once these bad actors get people's numbers, they'll pass them on to others, and who knows what else they can do. As for Bitwarden, I guess that I've read that in some other recommendations but haven't really used it. So aside from Aegis and Raivo, there goes Bitwarden. I do hope that the others are reading this thread for their reference.