Your contact lists, profile information, whom you’ve blocked, and more can only be recovered with your Signal PIN which was not (and could not be) accessed as part of this incident. “Message history is stored only on your device and Signal does not keep a copy of it. “Importantly, this did not give the attacker access to any message history, profile information, or contact lists,” Signal wrote in the incident’s announcement. The good news: because of the way Signal is designed, even if a hacker registers their account with a victim’s phone number, they don’t get access to a lot of information. This means that for those users, the hackers could have registered their numbers on their own device and essentially impersonated them, or intercepted the SMS verification code that Signal uses to register users. In particular, Signal said that hackers targeted around 1,900 of its users. On Monday, Signal, which uses Twilio for delivering text messages with verification codes, disclosed that it was one of the targets of this attack. When a user registers their phone number with Signal, Twilio sends them an SMS containing a verification code, which they then input to Signal. Crucially, Twilio provides text verification services for the encrypted messaging app Signal.
0 kommentar(er)
