• Home
  • Internet
  • How was Twitter user data stolen? First statement after big data breach

How was Twitter user data stolen? First statement after big data breach

Last July, the account details of millions of Twitter users were posted on the hacker forum. Twitter made the expected statement regarding the big data breach.
 How was Twitter user data stolen?  First statement after big data breach
READING NOW How was Twitter user data stolen? First statement after big data breach

Social networking platform Twitter was the target of a zero-day vulnerability attack in December 2021, and the attacker claimed to have obtained the account information of 5.4 million users on the platform. After the big data breach, the first statement came from Twitter.

Account information of 5.4 million Twitter users stolen

2 weeks previously added

The vulnerability has been closed

Twitter officially confirmed that the attack took place and stated that the zero-day vulnerability, which is the method used for the attack, has been patched.

Zero-day vulnerability attack

According to BleepingComputer, the perpetrator compiles the profiles of 5.4 million accounts, along with location, URL, profile picture, and other data. Hackers discovered a vulnerability that allowed them to find and retrieve account information from any active Twitter account by querying their phone number or email. More importantly, the data was rumored to have sold for $30,000, but was reportedly sold to at least two separate individuals for much less.

Twitter became aware of the vulnerability in January of this year, thanks to its bug bounty program HackerOne. According to the company’s statement, the vulnerability emerged after an update to the codes; The deficit was closed earlier this year. However, the social media platform did not take into account that the hacker already holds user data.

Security notice to users

Twitter said it notified users affected by the data breach, but stated that they could not approve every account exposed due to this vulnerability. Fortunately, the passwords were not leaked, but the company advises users to turn on two-factor authentication. Since phone numbers are exposed, it can be said that using authentication applications is much safer.

Comments
Leave a Comment

Details
260 read
okunma9670
0 comments