Data Breach

Cloudflare Data Breach

0 records exposed • August 2022

The same hackers who got into Twilio tried the same trick on Cloudflare employees. But Cloudflare used special security keys that the fake websites could not fool, so the attack failed.

What Happened

Cloudflare was targeted by the same SMS phishing campaign that compromised Twilio. However, Cloudflare FIDO2 security keys prevented account takeover, demonstrating effective phishing resistance.

Attack method: SMS phishing attempt

What Data Was Exposed

Is your business exposed?

What to Do If You're Affected

1.
No action needed - attack was prevented
2.
Consider implementing FIDO2 security keys

Lessons for Businesses

• FIDO2 hardware keys prevent phishing attacks
• Phishing-resistant MFA is essential
• Immediate disclosure helps the community

Sources

https://blog.cloudflare.com/2022-07-sms-phishing-attacks/

Related Breaches

Twilio 2022, Okta 2022

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required