Unfortunately, any service that relies on a server-based infrastructure can be hacked if the attacker is just sophisticated enough, and this is exactly what happened to Authy’s parent company Twilio. In an elaborate social engineering attack, a bad actor gained access to employee’s accounts, in turn compromising the security of Authy and a handful of Twilio customers, including LastPass.
The suggested action does not disable any of your existing devices, only anyone trying to add a new device. None of anyone’s user accounts should be compromised, as anyone trying to access them would need the original ID and password. 2FA is still a secure way of authenticating into your various accounts.
See https://www.androidpolice.com/authy-hacked-what-to-know/
#technology #security #authy #hacked