HomeNewsTwitter Fixes vulnerability that could have exposed over 5 million accounts.

Twitter Fixes vulnerability that could have exposed over 5 million accounts.

By Manish
Manish
By Manish
Join Technspice on Telegram
Twitter Fixes vulnerability that could have exposed over 5 million accounts.

Twitter says it has closed a security hole that allowed hackers to collect data on more than 5 million accounts and then sell it on a well-known underground marketplace for cybercrime.

Because of this flaw, the real identities of people behind pseudonymous accounts on Twitter could have been revealed if they had entered the phone number or email address of a known user.

In a brief statement released on Friday, the microblogging giant explained that its “systems would tell the person what Twitter account, if any, the submitted email addresses or phone numbers were associated with.”

Six months after the bug was introduced to Twitter’s codebase, in January, it was finally patched thanks to a bug bounty report by a security researcher who was paid $6,000 for reporting the flaw.

The bug bounty report stated that this flaw could be exploited to “create a database” or “enumerate a big chunk of the Twitter user base,” and thus posed a “serious threat” to users with private or pseudonymous accounts. This is very similar to a bug that was found at the end of 2019 and allowed a security researcher to link 17 million phone numbers to their respective Twitter accounts.

The scientist’s warning, however, arrived too late. Within that six-month window, hackers were able to compile a list of 5.4 million Twitter users’ email addresses and phone numbers.

Twitter said it found out about the abuse through an unnamed media report in July. The report uncovered a listing on a cybercrime forum boasting to have user data “from celebrities to companies,” as well as “OGs,” which are unique or highly sought-after social media and gaming usernames.

Twitter said that it had “confirmed that a bad actor had taken advantage of the issue before it was addressed” after reviewing a sample of the data for sale. All users whose accounts we are able to verify as being compromised will be notified directly.

It’s the most recent Twitter security breach in recent memory. When users set up two-factor authentication on Twitter, the company obtained their phone numbers and emails and then used them for targeted advertising without their permission, prompting Twitter to settle with the Federal Trade Commission in May for $150 million.

Via

Follow Tech n Spice on TwitterFacebook and subscribe to our YouTube channel for the latest videos tech newsleakstips & tricks, top-notch gadget reviews of the most interesting releases, and some Automobile NewsAlso, follow us on Google News for the latest updates.

DisclosureSome of the links in the website are affiliate links, meaning that at no additional cost to you but, we will receive a commission if you click through and make a purchase.

Previous articleThe OPPO Watch 3 series will make its debut in the Chinese market on August 10
Next articleJioGamesWatch is a new streaming platform from Reliance Jio.
Manish
Manishhttp://technspice.com
I am a Tech Enthusiastic fond of new gadgets. I always strive to be Simple and unbiased in my Content. My hobbies are to watch movies and videography.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

FOLLOW US

8,306FansLike
1,026FollowersFollow
22FollowersFollow
1,960FollowersFollow
474FollowersFollow
16,500SubscribersSubscribe

LATEST POSTS

Load more

Related Stories

Load more

SUBSCRIBE FOR FREE NOW!

Get immediate access to our updates on:

  • Sizzling hot news

  • Latest tech reviews

  • Easy to understand tutorials

You've got a sensational story to tell? Send 'em in now!

Our team is always looking for new stories to cover and if you happen to know anything about a new product or invention in the mobile industry, we would love to hear from you. Our tipper will be given all due credit! The confidentiality of your personal information is extremely important to us, and you can rest assured that we will not reveal it to anyone else. You can send in anonymous tips, but we'd rather know who you are! If you'd like to get in touch with us about something else, please use our contact page.

FOLLOW US

Disclosure:  Some of the links in the website are affiliate links, meaning that at no additional cost to you, we will receive a commission if you click through and make a purchase.

Technspice | 2022 | All rights reserved.