Breaking News

Nikon releases the NIKKOR Z 24-70mm f/2.8 S II CORSAIR ONE a600 Brings Improved Cooling and Adaptive Performance in a Compact Design Speedlink setting the tone in the gaming zone be quiet! unveils new show case chassis and shows cooling innovations and peripherals at gamescom 2025 RICOH announces GR IV and GF-2 external flash

logo

  • Share Us
    • Facebook
    • Twitter
  • Home
  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map

Search form

Twitter Disclosed Users' Phone Data Breach

Twitter Disclosed Users' Phone Data Breach

Enterprise & IT Feb 4,2020 0

Twitter discovered attempts by possible state actors to access the phone numbers associated with user accounts, after a security researcher unearthed a flaw in the company’s “contacts upload” feature.

On December 24, 2019 Twitter said it became aware that someone was using a large network of fake accounts to exploit our API and match usernames to phone numbers. The company says it immediately suspended these accounts.

A company spokeswoman declined to say how many user phone numbers had been exposed, saying Twitter was unable to identify all of the accounts that may have been impacted.

She said Twitter suspected a possible connection to state-backed actors because the attackers in Iran appeared to have had unrestricted access to Twitter, even though the network is banned there.

During an investigation, Twitter discovered additional accounts that the company believes may have been exploiting this same API endpoint beyond its intended use case. While Twitter identified accounts located in a wide range of countries engaging in these behaviors,the company observed a particularly high volume of requests coming from individual IP addresses located within Iran, Israel, and Malaysia. "It is possible that some of these IP addresses may have ties to state-sponsored actors," Twitter said.

When used as intended, this endpoint makes it easier for new account holders to find people they may already know on Twitter. The endpoint matches phone numbers to Twitter accounts for those people who have enabled the “Let people who have your phone number find you on Twitter” option and who have a phone number associated with their Twitter account. People who did not have this setting enabled or do not have a phone number associated with their account were not exposed by this vulnerability.

Twitter says it made a number of changes to this endpoint so that it could no longer return specific account names in response to queries. Additionally, the company suspended any account we believe to have been exploiting this endpoint.

Tags: TwitterprivacyCyber AttackCybersecurity
Previous Post
Huawei, ZTE Request to Stay Off US Blacklist
Next Post
Facebook Gives Parents Even More Control in Messenger Kids

Related Posts

  • Elon Musk to Acquire Twitter

  • Twitter Marks President Trump's Tweet With Tag Warning About "Violence"

  • EU Privacy Watchdog Accused of Delaying Probe Procedures Against Facebook

  • Twitter's New Settings Let You Choose Who Can Reply to Your Tweet

  • European Supercomputers Researching Covid-19 Report Hacking Attacks

  • Twitter to Let Employees Work From Home For Ever

  • Twitter Launches Labels to Warn On Misleading COVID-19 Information

  • Texas Courts Faced a Ransomware Attack

Latest News

Nikon releases the NIKKOR Z 24-70mm f/2.8 S II
Cameras

Nikon releases the NIKKOR Z 24-70mm f/2.8 S II

CORSAIR ONE a600 Brings Improved Cooling and Adaptive Performance in a Compact Design
Cooling Systems

CORSAIR ONE a600 Brings Improved Cooling and Adaptive Performance in a Compact Design

Speedlink setting the tone in the gaming zone
PC components

Speedlink setting the tone in the gaming zone

be quiet! unveils new show case chassis and shows cooling innovations and peripherals at gamescom 2025
PC components

be quiet! unveils new show case chassis and shows cooling innovations and peripherals at gamescom 2025

RICOH announces GR IV and GF-2 external flash
Cameras

RICOH announces GR IV and GF-2 external flash

Popular Reviews

be quiet! Dark Mount Keyboard

be quiet! Dark Mount Keyboard

be quiet! Light Loop 360mm

be quiet! Light Loop 360mm

be quiet! Light Mount Keyboard

be quiet! Light Mount Keyboard

Noctua NH-D15 G2

Noctua NH-D15 G2

be quiet! Light Base 600 LX

be quiet! Light Base 600 LX

Soundpeats Pop Clip

Soundpeats Pop Clip

Terramaster F8-SSD

Terramaster F8-SSD

be quiet! Pure Base 501

be quiet! Pure Base 501

Main menu

  • Home
  • News
  • Reviews
  • Essays
  • Forum
  • Legacy
  • About
    • Submit News

    • Contact Us
    • Privacy

    • Promotion
    • Advertise

    • RSS Feed
    • Site Map
  • About
  • Privacy
  • Contact Us
  • Promotional Opportunities @ CdrInfo.com
  • Advertise on out site
  • Submit your News to our site
  • RSS Feed