Twitter Breach Said to Have Exposed Anonymous Owners 636f5c Technology News

Twitter did not confirm a report that data on 5.4 million s was offered for sale online. 3n49c

By Associated Press | Updated: 6 August 2022 11:13 IST

Twitter Breach Said to Have Exposed Anonymous Owners

Twitter said it learned about the data sale on the hacking forum from media reports 1939y

Highlights

Twitter said it did not know how many s may have been affected
Twitter stressed that no s were exposed
Twitter said the bug was immediately fixed

ment

A vulnerability in Twitter's software that exposed an undetermined number of owners of anonymous s to potential identity compromise last year was apparently exploited by a malicious actor, the social media company said Friday.

It did not confirm a report that data on 5.4 million s was offered for sale online as a result but said s worldwide were affected.

The breach is especially worrisome because many Twitter owners, including human rights activists, do not disclose their identities in their profiles for security reasons that include fear of persecution by repressive authorities.

India Among Top 5 Countries Issuing Content Blocking Orders, Twitter Says

“This is very bad for many who use pseudonymous Twitter s," US Naval Academy data security expert Jeff Kosseff tweeted.

The vulnerability allowed someone to determine during log-in whether a particular phone number or email address was tied to an existing Twitter , thereby revealing owners, the company said.

Twitter said it did not know how many s may have been affected, and stressed that no s were exposed.

Twitter Rejects Musk's Claims That He Was Hoodwinked Into g Deal

“We can confirm the impact was global,” a Twitter spokesperson said via email. “We cannot determine exactly how many s were impacted or the location of the holders."

Twitter's acknowledgment in a blog post Friday followed a report last month by the digital privacy advocacy group Restore Privacy detailing how data presumably obtained from the vulnerability was being sold on a popular hacking forum for $30,000 (roughly Rs. 28.9 lakh).

A security researcher discovered the flaw in January, informed Twitter and was paid a reported $5,000 (roughly Rs. 4 lakh) bounty. Twitter said the bug, introduced in a June 2021 software update, was immediately fixed.

Twitter said it learned about the data sale on the hacking forum from media reports and “confirmed that a bad actor had taken advantage of the issue before it was addressed.”

It said it was directly notifying all owners that it can confirm were affected.

“We are publishing this update because we aren't able to confirm every that was potentially impacted, and are particularly mindful of people with pseudonymous s who can be targeted by state or other actors,” the company said.

It recommended s seeking to keep their identities veiled not add a publicly known phone number or email address to their Twitter .

“If you operate a pseudonymous Twitter , we understand the risks an incident like this can introduce and deeply regret that this happened,” it said.

The revelation of the breach comes while Twitter is in a legal battle with Elon Musk over his attempt to back out from his previous offer to buy San Francisco-based Twitter for $44 billion (roughly Rs. 3,500 crore).

What should you make of Realme's three new offerings? We discuss them on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.

links may be automatically generated - see our ethics statement for details.

Comments

For the latest reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.