CIO News Hubb
Advertisement
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
CIO News Hubb
No Result
View All Result
Home Information Security

Hackers Exploit Twitter Vulnerability to Exposes 5.4 Million Accounts

admin by admin
August 6, 2022
in Information Security


Twitter on Friday revealed that a now-patched zero-day bug was used to link phone numbers and emails to user accounts on the social media platform.

“As a result of the vulnerability, if someone submitted an email address or phone number to Twitter’s systems, Twitter’s systems would tell the person what Twitter account the submitted email addresses or phone number was associated with, if any,” the company said in an advisory.

CyberSecurity

Twitter said the bug, which it was made aware of in January 2022, stemmed from a code change introduced in June 2021. No passwords were exposed as a result of the incident.

The six-month delay in making this public stems from new evidence last month that an unidentified actor had potentially taken advantage of the flaw before the fix to scrape user information and sell it for profit on Breach Forums.

Although Twitter didn’t reveal the exact number of impacted users, the forum post made by the threat actor shows that the flaw was exploited to compile a list containing allegedly over 5.48 million user account profiles.

Restore Privacy, which disclosed the breach late last month, said the database was being sold for $30,000.

CyberSecurity

Twitter stated it’s in the process of directly notifying account owners affected by the issue, while also urging users to turn on two-factor authentication to secure against unauthorized logins.

The development comes as Twitter, in May, agreed to pay a $150 million fine to settle a complaint from the U.S. Justice Department that alleged the company between 2014 and 2019 used information account holders provided for security verification for advertising purposes without their consent.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
Previous Post

Class Action Targets Experian Over Account Security – Krebs on Security

Next Post

Illuminatecreativity

Related Posts

Information Security

New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack

by admin
August 7, 2022
Information Security

Spring 2022 PCI 3DS report now available

by admin
August 7, 2022
Information Security

Tech giants pledge self-regulation in NZ pact

by admin
August 7, 2022
Information Security

Class Action Targets Experian Over Account Security – Krebs on Security

by admin
August 6, 2022
Information Security

Spring 2022 PCI DSS report available with seven services added to compliance scope

by admin
August 6, 2022
Next Post

Illuminatecreativity

Recommended

New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack

August 7, 2022

Spring 2022 PCI 3DS report now available

August 7, 2022

Tech giants pledge self-regulation in NZ pact

August 7, 2022

Will Oracle Save the Day with Its EHR database?

August 7, 2022

Illuminatecreativity

August 7, 2022

Hackers Exploit Twitter Vulnerability to Exposes 5.4 Million Accounts

August 6, 2022

© 2022 CIO News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy.

Navigate Site

  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

Newsletter Sign Up

No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

© 2022 JNews - Premium WordPress news & magazine theme by Jegtheme.