Twitter has acknowledged that the privacy of multiple users’ accounts was at risk last year when a flaw in its software was exploited by a malicious person.
Twitter has acknowledged that the privacy of many users’ accounts was at risk last year.
micro blogging platform Twitter has acknowledged that the privacy of several users’ accounts was at risk last year when a flaw in its software was exploited by a malicious person. However, Twitter has not confirmed the report that the data related to about 5.4 million users around the world has been offered for sale online due to this technical flaw. But it has admitted that its users were affected in this burglary.
What did Twitter say?
It is very worrying that the details of people using Twitter as a platform for exchange of ideas are at risk in this way. The reason for this is that many Twitter account holders do not disclose their identities for security reasons, fearing persecution from oppressive authorities. Jeff Kosef, a data security expert at the American Naval Academy, said in his tweet that the situation is very bad for many people using pseudonymous Twitter accounts.
Twitter said in a statement on Friday that a flaw in its software allowed a person to determine when logged in to determine which existing Twitter account a particular phone number or e-mail is associated with. Due to this, account holders can be easily disclosed. Twitter, however, claimed no information about the number of account holders affected by the incident, saying that none of the passwords were revealed.
A Twitter spokesperson said via e-mail that they could confirm that it had a global impact. But they cannot clearly tell about the exact number of people affected or their location. Restore Privacy, a digital privacy advocacy group, said in a report released last month that the details gathered from the software glitch were being sold on a popular hacking platform for $30,000.
A researcher had disclosed the flaw
Last January, a security researcher pointed to this flaw in Twitter’s software. For this he was also given a reward of $ 5,000. Later, Twitter said that this flaw, which occurred during the June 2021 software update, was immediately corrected. Twitter said in its statement that it has come to know about the sale of data related to users. He said that a bad person had already taken advantage of this flaw before it was rectified. Along with this, Twitter said that it is informing its account holders about the incident being affected in this matter.
The company said that they are issuing this information because they cannot verify every account that is affected. Especially we have special attention for people operating Twitter accounts under pseudonym because they can be targeted by the government and other parties. Twitter has advised users to keep their identity hidden. Along with this, he has also urged people not to give publicly known phone numbers or email address details in his Twitter account. Twitter said that if you run a Twitter account with a fake name, then we understand the risks caused by such an incident. We are deeply sorry for such incident.
(with language input)