Hackers could have found your secret Twitter accounts

A Twitter vulnerability allowed a nasty actor to study account names related to sure electronic mail addresses and cellphone numbers (and sure, that would embrace your secret Stan movie star accounts), Twitter confirmed on Friday. Twitter initially fastened the problem in January after receiving a report by its bug bounty program, however a hacker was capable of exploit the flaw earlier than Twitter grew to become conscious of it.

The vulnerability, which stemmed from a June 2021 token platform replace, remained unnoticed till earlier this yr. This gave hackers a number of months to use the flaw, though Twitter stated it had “no proof to recommend that somebody exploited the vulnerability” on the time of its discovery.

previous months report from sleeping computer He recommended in any other case, revealing {that a} hacker managed to use the vulnerability whereas flying beneath Twitter’s radar. The hacker reportedly amassed a database of greater than 5.4 million accounts by benefiting from the flaw, then tried to promote the knowledge on a hacker discussion board for $30,000. After analyzing the info posted on the discussion board, Twitter confirmed that its consumer information had been hacked.

It is nonetheless unclear what number of customers are literally affected, and Twitter does not appear to know both. Whereas Twitter says it plans to inform affected customers, it’s “unable to substantiate each account doubtlessly affected.” Twitter advises anybody thinking about their secret accounts to allow two-factor authentication, in addition to connect an electronic mail tackle or cellphone quantity unknown to the general public to the account they do not need to be related to.

Source link

Leave a Comment