The popular social networking platform Twitter announced that it fixed a security vulnerability that allowed hackers to threaten to collect information about 5.4 million accounts on the Twitter platform at a later time, with these accounts offered for sale on a well-known cybercrime forum.
This vulnerability allows anyone to use any phone number or email address of any user and find out whether the phone number or email address is linked to an account on Twitter, potentially exposing the identity and personal information of the account holder to the risk of hacking.
Twitter said in a press release that if someone enters an email address or a mobile phone number into Twitter’s systems, those systems say whether the phone number or email address is associated with an account on the platform.
Twitter added that this vulnerability has been fixed since last January, six months after the vulnerability was first discovered, by a data security researcher who received a $6000 reward from Twitter.
According to the report, this vulnerability represents a “serious threat” to users who have secret accounts or under pseudonyms on the Twitter platform, and can be used to create a “database” or enumerate a “large portion of the Twitter user base”.
This vulnerability is similar to the one discovered in late 2019 that allowed a data security expert to link 17 million phone numbers to Twitter accounts.
#Twitter #addresses #security #flaw #exposed #millions #accounts #disaster