Technology

Twitter security breach that stole data of 5.4 million users was more serious than previously thought

The identification of another leaked Twitter user database has alerted more than one malicious actor to exploit the same vulnerability the company identified earlier this summer. And after that over 5.4 million users were affected.

An update to Twitter’s security code implemented in June 2021 created a vulnerability that a hacker from the HackerOne firm reported to the company in January as part of its ‘bugs’ and bounty program.

Twitter assures that it fixed the bug as soon as it became aware of itAnd acknowledged that due to the said vulnerability, the platform fell victim to a cyber attack that resulted in theft and leakage of data of 5.4 million users.

Security expert Chad Loader has now warned that Vulnerability can be exploited by more malicious actorsLooking at the database that you have identified and that was not previously reported.

Loder says it has access to a sample with which it has been able to verify that this is genuine user data. In particular, the telephone numbers of users in France, although the database contains information Millions of users from EU and USA.

The leaked phone numbers are linked to accounts that have enabled the feature that allows other people to trace the user by their phone number. and it affects users Verified accounts, celebrities, politicians and government bodies.

Cybersecurity experts do not believe this is the same data breach that Twitter identified over the summer, despite the fact that they have the same system failure, as it involved different data and different affected accounts.

Loder has shared his findings on both Twitter and Mastodon., In the first social network, his account has been suspended, although you can consult the thread on the data breach on Archive.org.

On the other hand, from the special portal Bleeping Computer they have reported that the database which affected 5.4 million users, which Was put up for sale through the Breached forumNow appeared on the same hacking forum for free.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button