Summary

  • Authy is a 2FA app that recently suffered a data breach that exposed more than 33 million phone numbers.
  • An unsecured API endpoint allowed threat actors to collect linked numbers.
  • If you think your personal information might be among the 33 million leaked numbers, consider securing your accounts with 2FA and be wary of SMS phishing attacks.
  • Substance_P@lemmy.world
    link
    fedilink
    English
    arrow-up
    8
    ·
    6 months ago

    Wouldn’t it be great if independent auditors were standard, responsible for holding companies accountable for their data security practices, coupled with a rating system akin to those used in the banking sector? Before paying for a service, consumers would be aware of how secure the service is. Say A++ or AAA.

    It would be a pain in Silicon Valley’s ass for sure, but it would go a long way toward giving consumers peace of mind and bringing about a whole new industry in the process.

    • Tregetour@lemdro.id
      link
      fedilink
      English
      arrow-up
      1
      ·
      5 months ago

      Rating schemes inevitably become subject to gaming and P2W.

      Service providers need to be honest about their stack and its implementation, and people need to git gud.