Connect with us

Hi, what are you looking for?

Social Media

Twitter begins alerting users about data breach

We cannot determine exactly how many accounts were impacted or the location of the account holders.

Twitter. — © AFP Jade GAO
Twitter. — © AFP Jade GAO

Twitter has just confirmed that its December 2021 data breach compromising 5.4 million accounts was caused by a zero-day vulnerability. This is the same vulnerability reported and fixed in January of this year, but at the time, had no evidence suggesting a threat actor had exploited it.

Through this vulnerability, anyone was able to access and scrape information from Twitter accounts.

Twitter wrote in a press blog:

“We can confirm the impact was global. We cannot determine exactly how many accounts were impacted or the location of the account holders.”

Looking into this issue for Digital Journal is JP Perez-Etchegoyen, CTO at Onapsis.

Perez-Etchegoyen sees the admission as coming late in the day, with the issue part of a wider vulnerability affecting many businesses. The analyst says: “Twitter’s confirmation that their December 2021 data breach, which compromised over 5.4 million accounts, was caused by a zero-day vulnerability (now patched) emphasizes the damage these types of vulnerabilities can cause.”

Expanding on the background information, Perez-Etchegoyen says: “Twitter has also confirmed that this zero-day is the same vulnerability reported and fixed in January of this year, but at the time, had no evidence suggesting a threat actor had exploited it. Through this vulnerability, anyone was able to access and scrape information from Twitter accounts.”

Concerningly, Twitter has also indicated it cannot, as yet, confirm the full impact of the data breach: “We are publishing this update because we aren’t able to confirm every account that was potentially impacted, and are particularly mindful of people with pseudonymous accounts who can be targeted by state or other actors.”

In terms of wider vulnerabilities, Perez-Etchegoyen  comments: “This instance also underscores the increased need for secure development and vulnerability management measures to ensure proper prevention and identification measures when it comes to both known and unknown vulnerabilities.”

To address such issues, Perez-Etchegoyen observes: “Threat detection and vulnerability management platforms that provide complete visibility into mission-critical applications help security teams ensure that critical systems remain secure, efficient, and dependable.”

Perez-Etchegoyen also recommends as a preventative action: “Robust analytics, reporting capabilities, and automation proficiency that are leveraged through these security platforms assist in mitigating threats, ultimately keeping valuable data protected.”

Avatar photo
Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Business

A jury on Wednesday found Uber's former security chief guilty of federal crimes for covering up a massive hack.

Tech & Science

Commentary on the JWST is a bit like race calling.

Tech & Science

A SpaceX capsule carrying a Russian crew member docked Thursday with the International Space Station on a NASA mission.

Business

Core systems in large financial services firms are often decades old and rooted in complex, disconnected legacy systems.