A Vulnerability in Twitter systemsdetected in January of this year, may have exposed data of approximately 5.4 million users. The platform revealed the existence of the bug on Friday (5), but did not fully confirm the number of people affected.
This flaw allowed any Internet user to enter an email address or phone number on the social network’s login page and verify that this data was linked to an existing account on the service. With this, it would be possible to exploit the bug to associate a particular account with its owner and reveal its identity.
The bug surfaced in June of last year after a microblogging update and was fixed as soon as the company learned of its existence in early 2022. According to the company, no evidence of abuse was found at the time. . . .
But Twitter realized in July that someone had exploited the vulnerability to extract user data from the social network and sold the entire package for $30,000 on a hacker forum. The platform says it has confirmed the accuracy of the information by analyzing some of the sample for sale.
Affected users will be notified
Making a sales announcement leaked twitter data states that the compilation collects information from approximately 5.4 million microblogging users, including some “celebrities.” The platform did not confirm the amount, but said it will contact profiles affected by the malicious actor’s action.
“We are releasing this update because we are unable to verify all potentially affected accounts, and we are particularly wary of those affected at this time. pseudonymous accounts It could be targeted by the state or other actors,” the company said in a statement.
Additionally, the social network has asked users who want to remain anonymous on the microblogging not to associate publicly known email or phone numbers with their profiles. and yet no passwords were revealed in this leakThe platform recommended that everyone enable two-factor authentication to strengthen security.
Source: Tec Mundo
