Connect with us

Hi, what are you looking for?

Social Media

Twitter bug may have shown email addresses of thousands of users

The bug affected Twitter’s password recovery systems for around 24 hours last week, the company said today. It “had the potential” to reveal the email address and phone numbers of “less than 10,000” active accounts but did not directly reveal the user’s password.
Twitter has already contacted the affected users and will be providing advice on what to do next. Twitter is confident the issue has since been patched and that no further accounts have been affected.
The company said: “We recently learned about — and immediately fixed — a bug that affected our password recovery systems for about 24 hours last week. The bug had the potential to expose the email address and phone number associated with a small number of accounts (less than 10,000 active accounts). We’ve notified those account holders today, so if you weren’t notified, you weren’t affected.”
The information on display isn’t enough to login to a Twitter account but is easily sufficient for an attacker to start a phishing or scam campaign. Active email addresses and phone numbers are valuable pieces of personal data that should only be distributed to trusted friends, family, co-workers and businesses.
Twitter has contacted the relevant law enforcement bodies. A full investigation will be conducted into the day-long vulnerability to ensure it does not happen again. Twitter said it will be taking harsh action against any users who have exploited the bug, warning they will be handed permanent account suspensions.
The company said today: “We take these incidents very seriously, and we’re sorry this occurred. Any user that we find to have exploited the bug to access another account’s information will be permanently suspended, and we will also be engaging law enforcement as appropriate so they may conduct a thorough investigation and bring charges as warranted.”
Twitter has provided suggestions to users on how to maintain “good account security hygiene.” This consists of the usual round of security tips, advising people to use a strong password with a mixture of different character types and enable two-factor authentication where possible. This prevents an attacker accessing an account by requiring a unique code, sent via SMS, to be entered at login.
This security incident may be comparatively minor, based on the number of users thought to be involved, but it doesn’t mean people who aren’t affected should pass it off as an irrelevance. Twitter users can review their security settings and recent account logins in the “Security and privacy” section of the website’s Settings menu.

Written By

You may also like:

Tech & Science

The European Union scored two major legal victories in separate cases that left Apple and Google owing billions of euros.

World

Similar models correctly predicted the 2020 presidential election and 2021 runoff elections for two Georgia senate seats.

Sports

The first written record of hornussen dates from 1564, with the first known competition in 1655. 

Tech & Science

Sony said Tuesday it would launch an upgraded version of its flagship games console with better graphics and AI capabilities.