Twitter fixes security bug that exposed at least 5.4 million accounts – Attractive Area

Twitter has fixed a security bug that exposed the details of at least 54,000 accounts on its platform that were up for sale on the dark web.

Twitter stated that if you use a pseudonymous Twitter account, “We understand the risks an incident like this can pose and deeply regret that this has happened.”

“To keep your identity as veiled as possible, we recommend that you do not add a publicly known phone number or email address to your Twitter account,” the company said in a statement late Friday.

The company said that while the passwords were not disclosed, “We encourage anyone using Twitter to enable two-factor authentication using authenticator apps or hardware security keys to protect their account from unauthorized logins.”

The vulnerability allowed attackers to enter a phone number or email address into the login flow in an attempt to find out if this information was associated with an existing Twitter account, and if so, which account.

“We take our responsibility to protect your privacy very seriously, and we’re very sorry this happened,” Twitter said in a tweet.

In January, Twitter received a report about a vulnerability in its systems through its bug bounty program.

“Due to the vulnerability, if someone submits an email address or phone number to Twitter systems, Twitter systems will tell the person which Twitter account the submitted email address or phone number, if any, is associated with,” the company said in a statement. .

In July, Twitter learned that someone had potentially exploited this (bug) and offered to sell the collected information.

“After examining a sample of data available for sale, we confirmed that an attacker took advantage of the issue before it was resolved,” Twitter said in a statement.

The Company has directly notified affected account holders of this issue.


on /ksk/

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker.