Cloud Communications Company ‘Twilio’ has posted a blog on Tuesday and unfolded that its small number of users' emails have been penetrated by the Codecov supply chain attack by unidentified threat actors.
As per some of last month's reports, the most simplified code coverage tool Codecov was a victim of a supply-chain attack that lasted for two months.
Twilio said that the security of its users and products is the first priority but as of now, they are seeing this cyberattack as a piece of disturbing news for the organization and as well as for their customers. Additionally, they wanted to inform us briefly about the Codecov vulnerability that they have experienced and about the impact that it leftover on them, and lastly how they had managed it.
"On April 22, 2021, we received a notification from GitHub.com that suspicious activity had been detected related to the Codecov event and a Twilio user token that had been exposed…”
"…GitHub.com had identified a set of GitHub repositories that had been cloned by the attacker in the time before we were notified by Codecov," as per the company.
In a recent post, Twilio disclosed that the firm uses Codecov code coverage tools, including the compromised Bash Uploader script, in a number of its projects.
As soon as the company got to know about the incident and found out that some of its customers have been targeted, they reviewed their security measures while warning the impacted customers and rotating all "potentially exposed credentials and secrets."
Additionally, the company concluded its blog post by saying that there are no signals of any other customer data been accessed or at risk.
"This process ensures our technology supply chain always meets our standards for security. When we become aware of an incident or vulnerability within that supply chain, we move quickly to remediate the issue or remove the software from our environment," the post reads.
Twilio has become the second known organization that has witnessed a security attack related to the supply chain attack involving Codecov. Cloud Cyber Security person HashiCorp had disclosed a breach publically on April 22. Interestingly, like Twilio, a key action that the company took was rotating attacked information.