Twitter users data was leaked

Twitter was the victim of a cyberattack that led to the leaking of the data of 5.4 million users due to a security breach discovered earlier this year.

Cybersecurity platform HackerOne published a report in February informing Twitter that by exploiting this bug, attackers were able to collect user data.

“This vulnerability allows any user without any authentication to obtain a Twitter ID of any other user by sending a phone number or email, despite the fact that it prohibited the action from the Privacy Settings,” it can be read in this report.

This report also indicates that this bug is specific to the Android version of Twitter and that it was discovered during the process of verifying the duplication of a social network account.

Also, HackerOne notes that it is “a serious threat” that can be exploited by “any attacker with a basic knowledge of scripting and coding“, capable of creating a database that can be sold or used for advertising purposes.

A HackerOne user known as “zhirinovskiy” reported this issue to Twitter, and the company not only verified that it was a vulnerability in their system, but also rewarded this user a total of $5,040 for flagging it.

However, from RestorePrivacy they indicate that the cyberattackers took advantage of this failure to collect information from 5.4 million users of the social network and sell it through the hacking forum Breached Forums.

K. Tovar

Click the link to subscribe for free to our news and media group on Telegram: https://t.me/G_ELSUMARIO_News

Source: CSO