Twitter confirms vulnerability exposed data of anonymous accounts owners

Twitter confirmed that a vulnerability in its code led to data disclosure late last year. In a blog post the company said a malicious actor exploited a zero-day flaw before noticing and patching the issue in January 2022. The vulnerability was discovered by a security researcher who contacted Twitter through the company .

When Twitter first learned of the bug, it said it had “no evidence” it had been exploited. However, an individual Last month the They exploited the vulnerability to obtain data from more than 5.4 million accounts. Twitter said it could not confirm how many users were affected by the exposure. The vulnerability allowed the attacker to determine if an email address or phone number was associated with an existing Twitter account. In turn, they could use this information to determine the identity of an account holder.

“We are releasing this update because we are unable to confirm every potentially affected account and are particularly vigilant for individuals with pseudonymous accounts that may be targeted by government or other actors,” Twitter said. “If you are running a pseudonymous Twitter account, we understand the risks that such an incident can pose and we deeply regret that this has happened.”

Twitter said it would directly notify any account holder that it could confirm has been impacted by the exposure. For users trying to hide their identity, the company recommends not adding a publicly known phone number or email address to an account. It also suggests adding two-factor authentication.

All products recommended by Engadget are selected by our editorial team, independently of our parent company. Some of our stories contain affiliate links. If you buy something through one of these links, we may receive an affiliate commission. Twitter confirms vulnerability exposed data of anonymous accounts owners

Russell Falcon is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – The content will be deleted within 24 hours.

Related Articles

Back to top button