Our provider, SMS Teknik, which we use to send one-time codes for two-factor authentication, has reported a data breach that occurred on August 19th. During this breach, attackers may have gained access to data such as SMS logs.
We have reviewed the information shared by SMS Teknik and assess that the impact on us and our customers is very limited. Since we only send codes via SMS that are useful only in combination with a successful login using a username and password, any potential leakage of previous SMS content is considered unusable by unauthorized parties.
As attackers may have potentially obtained phone numbers, we recommend being extra vigilant for phishing SMS or scam calls. No other actions are required at this time.