{"id":36235,"date":"2020-07-23T21:45:00","date_gmt":"2020-07-23T21:45:00","guid":{"rendered":"https:\/\/www.darkreading.com\/cloud\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/d\/d-id\/1338447"},"modified":"2020-07-23T21:45:00","modified_gmt":"2020-07-23T21:45:00","slug":"twilio-security-incident-shows-danger-of-misconfigured-s3-buckets","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/","title":{"rendered":"Twilio Security Incident Shows Danger of Misconfigured S3 Buckets"},"content":{"rendered":"<header><\/header>\n<p><span class=\"strong black\">Twilio says attackers accessed its misconfigured cloud storage system and altered a copy of the JavaScriptSDK it shares with customers.<\/span><\/p>\n<p class>Twilio, the cloud communications platform-as-a-service (CPaaS) giant, has confirmed a security incident in which attackers accessed a misconfigured Amazon AWS S3 bucket and modified the TaskRouter JavaScript SDK. The SDK path had been publicly readable and writable since 2015.<\/p>\n<p>More than 5 million developers and 150,000 companies use Twilio, which offers tools to help businesses improve communications over voice, text, and video; its APIs help developers bring voice, video, and text into their applications. Twitter, Spotify, Hulu, Lyft, Yelp, Airbnb, Shopify, Uber, Netflix, and Foursquare are among Twilio&#8217;s customers.&nbsp; &nbsp;<\/p>\n<p>On July 19, Twilio was alerted to a change made to the TaskRouter JS SDK, a library it hosts to help customers interact with TaskRouter, which offers a routing engine to send tasks to agents or processes. The attacker-altered version of the library may have been available on Twilio&#8217;s CDN or cached by user browsers for up to 24 hours after the code was replaced on its website, which was about an hour after Twilio learned of the incident.<\/p>\n<p>Attackers were able to change the library&#8217;s code due to a misconfiguration in the S3 bucket that hosted the library. They injected code that made the browser load an extra URL that had been linked to Magecart attacks. Twilio doesn&#8217;t believe this was targeted at the company. Rather, it seems to be an opportunistic attack related to a campaign to exploit open S3 buckets for financial gain.<\/p>\n<p>&#8220;We had not properly configured the access policy for one of our AWS S3 buckets,&#8221; officials wrote in a <a href=\"https:\/\/www.twilio.com\/blog\/incident-report-taskrouter-js-sdk-july-2020\" target=\"_blank\" rel=\"noopener noreferrer\">disclosure<\/a>. One of its S3 buckets is used to serve content from a domain twiliocdn[.]com; here, it hosts client-side JavaScript SDKs for Programmable Chat, Programmable Video, Twilio Client, and Twilio TaskRouter. Only v1.20 of the TaskRouter SDK was affected by this issue, the company says.<\/p>\n<p>These files are served to users via the CloudFlare CDN&nbsp;content delivery network, but they are also directly available in the S3 bucket, where Twilio has configured a set of access policies for each path where files are stored. It had not properly configured the access policy for the path storing the TaskRouter SDK, meaning anybody could read or write to that path. While this path was not initially configured with public write access when it was added in 2015, Twilio says this changed shortly after.<\/p>\n<p>&#8220;We implemented a change 5 months later while troubleshooting a problem with one of our build systems and the permissions on that path were not properly reset once the issue had been fixed,&#8221; the company said.&nbsp;<\/p>\n<p>The code attackers injected is a malicious traffic redirector, report RiskIQ researchers who call it &#8220;jqueryapi1oad&#8221; and say it has been used in other campaigns. In <a href=\"https:\/\/www.riskiq.com\/blog\/labs\/misconfigured-s3-buckets\/\" target=\"_blank\" rel=\"noopener noreferrer\">an analysis<\/a> published in June, its team details attacks that leverage S3 buckets to insert code into websites. Jqueryapi1oad, named for the cookie the team connected with it, seems related to a long-running malvertising campaign. It was first identified in July 2019 and is still in use on 362 unique domains to date.<\/p>\n<p>This campaign, dubbed Hookads by RiskIQ, has previously been linked to exploit kits and other malicious behavior, researchers report. Hookads redirects users to different decoy websites and ultimately sends them to a website where malware is installed using exploit kits.<\/p>\n<p>&#8220;The Twilio compromise was another example of misconfigured Amazon S3 buckets used as an attack vector,&#8221; says RiskIQ threat researcher Jordan Herman. &#8220;Because of how easy they are to find and the level of access it grants attackers, we&#8217;re seeing attacks like this happening at an alarming rate.&#8221;<\/p>\n<p>After learning of the attack, Twilio locked down the bucket and uploaded a clean version of the library to the bucket path. It conducted an audit of AWS S3 buckets and found others with improper write settings, but say no other hosted SDKs were affected. There is no evidence indicating an attacker accessed customer data or any of its internal systems, code, or data. Twilio Flex customers were not affected.<\/p>\n<p><strong>Attackers Exploit a Common Problem<br \/><\/strong>As indicated in this incident and RiskIQ&#8217;s research, attackers are increasingly looking to exposed S3 buckets to bring malware into otherwise legitimate code. By infecting a single massive supplier, such as Twilio, they can indirectly affect many more businesses that rely on it.&nbsp;<\/p>\n<p>&#8220;Modern web applications make extensive use of third-party scripts and open source libraries, such as the TaskRouter library published by Twilio,&#8221; says Ameet Naik, security evangelist at PerimeterX. &#8220;Often introduced without proper vetting, this shadow code introduces known risks into the application and vastly expands the attack surface.&#8221;<\/p>\n<p>Compounding this risk is the all-too-common problem of misconfigured cloud storage buckets, which have proved to be a consistent problem for enterprise security over the past few years. In this year alone, <a href=\"https:\/\/www.darkreading.com\/cloud\/500000-documents-exposed-in-open-s3-bucket-incident\/d\/d-id\/1337343\" target=\"_blank\" rel=\"noopener noreferrer\">hundreds<\/a> of <a href=\"https:\/\/www.darkreading.com\/unlocked-s3-bucket-lets-36077-jail-files-escape\/d\/d-id\/1337008\" target=\"_blank\" rel=\"noopener noreferrer\">thousands<\/a> of files have been accidentally exposed because S3 buckets weren&#8217;t properly configured. Businesses would be wise <a href=\"https:\/\/www.darkreading.com\/cloud\/aws-s3-breaches-what-to-do-and-why\/a\/d-id\/1329354\" target=\"_blank\" rel=\"noopener noreferrer\">to learn<\/a> how to protect them and, like Twilio did in the aftermath of its incident, conduct an audit to see where they may be exposed.<\/p>\n<p><strong>Related Content:<\/strong><\/p>\n<div readability=\"9.4217391304348\">\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUAL-BLACKHAT-VPLUG_468x60.png\" alt width=\"468\" height=\"60\"><\/p>\n<p><em><strong>&nbsp;<\/strong><\/em><\/p>\n<p><em><strong>&nbsp;<\/strong><\/em><\/p>\n<p><em><strong>Register now for this year&#8217;s fully virtual Black Hat USA, scheduled to take place August 1\u20136, and get more information about the event on the Black Hat website. Click for details on <a href=\"https:\/\/www.blackhat.com\/us-20\/\" target=\"_blank\" rel=\"noopener noreferrer\">conference information<\/a>&nbsp;and <a href=\"https:\/\/blackhat.informatech.com\/usa\/2020\/\" target=\"_blank\" rel=\"noopener noreferrer\">to register<\/a>.<\/strong><\/em><\/p>\n<\/div>\n<p><span class=\"italic\">Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance &amp; Technology, where she covered financial &#8230; <a href=\"https:\/\/www.darkreading.com\/author-bio.asp?author_id=837\">View Full Bio<\/a><\/span><\/p>\n<p><strong>Recommended Reading:<\/strong><\/p>\n<p><span class=\"smaller strong red allcaps\">More Insights<\/span><\/p>\n<p>Read More <a href=\"https:\/\/www.darkreading.com\/cloud\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/d\/d-id\/1338447?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Twilio says attackers accessed its misconfigured cloud storage system and altered a copy of the JavaScriptSDK it shares with customers. Read More <a href=\"https:\/\/www.darkreading.com\/cloud\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/d\/d-id\/1338447?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-36235","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Twilio Security Incident Shows Danger of Misconfigured S3 Buckets 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Twilio Security Incident Shows Danger of Misconfigured S3 Buckets 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-07-23T21:45:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUAL-BLACKHAT-VPLUG_468x60.png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Twilio Security Incident Shows Danger of Misconfigured S3 Buckets\",\"datePublished\":\"2020-07-23T21:45:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\\\/\"},\"wordCount\":958,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/VIRTUAL-BLACKHAT-VPLUG_468x60.png\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\\\/\",\"name\":\"Twilio Security Incident Shows Danger of Misconfigured S3 Buckets 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/VIRTUAL-BLACKHAT-VPLUG_468x60.png\",\"datePublished\":\"2020-07-23T21:45:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\\\/#primaryimage\",\"url\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/VIRTUAL-BLACKHAT-VPLUG_468x60.png\",\"contentUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/VIRTUAL-BLACKHAT-VPLUG_468x60.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Twilio Security Incident Shows Danger of Misconfigured S3 Buckets\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Twilio Security Incident Shows Danger of Misconfigured S3 Buckets 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/","og_locale":"en_US","og_type":"article","og_title":"Twilio Security Incident Shows Danger of Misconfigured S3 Buckets 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-07-23T21:45:00+00:00","og_image":[{"url":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUAL-BLACKHAT-VPLUG_468x60.png","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Twilio Security Incident Shows Danger of Misconfigured S3 Buckets","datePublished":"2020-07-23T21:45:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/"},"wordCount":958,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/#primaryimage"},"thumbnailUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUAL-BLACKHAT-VPLUG_468x60.png","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/","url":"https:\/\/www.threatshub.org\/blog\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/","name":"Twilio Security Incident Shows Danger of Misconfigured S3 Buckets 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/#primaryimage"},"thumbnailUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUAL-BLACKHAT-VPLUG_468x60.png","datePublished":"2020-07-23T21:45:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/#primaryimage","url":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUAL-BLACKHAT-VPLUG_468x60.png","contentUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUAL-BLACKHAT-VPLUG_468x60.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/twilio-security-incident-shows-danger-of-misconfigured-s3-buckets\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Twilio Security Incident Shows Danger of Misconfigured S3 Buckets"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36235","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=36235"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36235\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=36235"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=36235"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=36235"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}