RT.com
06 Aug 2022, 17:43 GMT+10
A system bug reportedly allowed a hacker to steal the personal data of more than 5 million users
Twitter on Friday informed users of a security bug that had allowed "a bad actor" to obtain and sell the personal data of account holders. The tech giant didn't provide the number of compromised accounts, but media reports state that more than 5 million users could have been affected.
A company statement said that the system vulnerability, which resulted from a June 2021 code update, made it possible to enter an email address or phone number and learn if either was linked to a specific account.
Twitter fixed the bug in early 2022. In July, however, the company saw a press report suggesting that "someone had potentially leveraged this and was offering to sell the information they had compiled."
"After reviewing a sample of the available data for sale, we confirmed that a bad actor had taken advantage of the issue before it was addressed," Twitter revealed.
The company vowed to contact the owners of the accounts that were affected by the "unfortunate" incident. However, Twitter admitted that it had been impossible to confirm every account that was potentially compromised. The company stressed that it is "particularly mindful of people with pseudonymous accounts who can be targeted by state or other actors."
Although passwords were not exposed and users do not need to do anything to address this specific issue, Twitter came up with a set of recommendations to protect accounts. The owners of pseudonymous accounts have been warned against adding publicly known phone numbers or email addresses, while all users are advised to enable two-factor authentication to protect their personal data.
In late July, the website RestorePrivacy revealed that a hacker who was operating under the username 'devil' had put on sale on a well-known hacking forum a database featuring the personal details of 5.4 million Twitter Users, including "Celebrities, to Companies, randoms, OGs, etc."
When reached by RestorePrivacy, this hacker revealed that he was asking for at least $30,000 for the database, which, he stressed, he managed to gather due to "Twitter's incompetence." He said that the exact mechanism of how he took advantage of the bug was explained in the January report of the HackerOne website by user 'zhirinovskiy', who was the first to warn Twitter of the vulnerability.
Twitter thanked 'zhirinovskiy' for "helping keep Twitter secure" and awarded him a $5,040 bounty for his investigation.
The incident is not the first time the personal data of Twitter users has been compromised.
In July 2020, the FBI launched an investigation into a Bitcoin scam attack that left "many highly-visible" accounts, including the ones of Elon Musk, Bill Gates, Barack Obama and Kim Kardashian, affected by hackers. The company said at the time that it had taken "significant steps" to limit the malign actors' access to its internal systems.
(RT.com)
Get a daily dose of International Technology news through our daily email, its complimentary and keeps you fully up to date with world and business news as well.
Publish news of your business, community or sports group, personnel appointments, major event and more by submitting a news release to International Technology.
More InformationSAN FRANCISCO, California: Under pressure from European regulators, Apple has revamped its App Store policies in the EU, introducing...
New Delhi [India], July 2 (ANI): A seminar on the prospects and possibilities of artificial intelligence in Northeast India was organised...
Hyderabad (Telangana) [India], July 1 (ANI): NMDC, India's largest iron ore producer, marked a significant milestone with the inauguration...
YINCHUAN, July 1 (Xinhua) -- China on Monday reached a major milestone in desertification control by completing a barrier belt along...
Hyderabad (Telangana) [India], June 29 (ANI): Olympic Games Tokyo 2020 medalist Lovlina Borgohain eased past Punjab's Krisha Verma...
Hyderabad (Telangana) [India], June 29 (ANI): Former youth world champion Ankushita Boro showcased her class on Day 2 of the Elite...
WASHINGTON, D.C.: On Friday, President Donald Trump announced that he was halting trade discussions with Canada due to its decision...
FRANKFURT, Germany: Germany has become the latest country to challenge Chinese AI firm DeepSeek over its data practices, as pressure...
A crew from the UK has reportedly been unable to repair the aircraft for over 19 days A British F-35B Lightning II stealth fighter...
New Delhi [India], July 3 (ANI): The social media accounts of several Pakistani actors and cricketers remain blocked after it was reported...
Uttarkashi (Uttarakhand) [India], July 3 (ANI): Border Road Organisation (BRO) on Thursday worked to clear the land subsidence near...
Washington, DC [US], July 3, ANI: A federal judge on Wednesday blocked United States President Donald Trump's asylum ban at the Southern...