Twitter admitted that a vulnerability has been used to steal in recent years personal information of more than 5 million users. “We want you to know – reads a company release – that until recently a vulnerability allowed anyone to enter a phone number or email address, in an attempt to find out if that contact was linked to an existing Twitter account. , and if so, to which specific account”.
An issue that is not minor, as this exploit can be used to reveal the true identity of a anonymous account.
We know that a malicious actor exploited this security flaw on Twitter to steal the information of 5.4 million users. When a computer scientist reported the existence of this dangerous vulnerability, the company responded by shrugging its shoulders and claiming it was unaware of any incidents related to this issue. In other words, Twitter reassured users at the time, claiming that the issue was resolved before anyone could misuse it to steal information. But it wasn’t true.
Now Twitter not only confirms that the privacy of more than 5 million users has been violated (as the Bleeping Computer website reported several months ago), but has also announced that it has already begun to individually contact every person identified by the leak has been hit, while it specifies that it probably won’t be able to locate every compromised account for sure.
Source: Lega Nerd
