• Home
  • Blog
  • Android
  • Cars
  • Gadgets
  • Gaming
  • Internet
  • Mobile
  • Sci-Fi
Tech News, Magazine & Review WordPress Theme 2017
  • Home
  • Blog
  • Android
  • Cars
  • Gadgets
  • Gaming
  • Internet
  • Mobile
  • Sci-Fi
No Result
View All Result
  • Home
  • Blog
  • Android
  • Cars
  • Gadgets
  • Gaming
  • Internet
  • Mobile
  • Sci-Fi
No Result
View All Result
Blog - Creative Collaboration
No Result
View All Result
Home Android

Twitter confirms July data breach that affected millions of accounts

August 8, 2022
Share on FacebookShare on Twitter

The company says it’s patched the zero-day exploit used in the attack

Twitter generic hero whats happening

Zero-day exploits are a menace to the tech industry with web browsers — Chrome and Firefox — being particularly vulnerable to these threats. Although Google is keeping up with zero-day detections, malicious actors are always seeking out security loopholes in all sorts of services. Twitter was the target of one such attack in December 2021, with the individual responsible claiming to have obtained key information from 5.4 million accounts on the platform. The company has now officially confirmed that the attack happened and that the zero-day exploit that was used to make it happen has been patched.

ANDROIDPOLICE VIDEO OF THE DAY

While Twitter is forthcoming about details of the breach, it doesn’t change the fact that the attacker still has the user account data at their disposal. The attacker told BleepingComputer last month about being able to compile profiles of 5,485,636 accounts with information such as location, URL, profile picture, and other data. They used a vulnerability which allowed anyone to query a phone number or email to check on an active Twitter account and then obtain the account information.

Example of a scraped Twitter profile

Crucially, the data was being offered for roughly $30,000 as per the publication, though it was reportedly sold for a significantly lesser amount to at least two separate people. The attacker also said at the time the data could end up being released for free, putting the privacy of millions of users at risk.

For its part, Twitter said it learned of the bug in January this year through its bug bounty program, HackerOne, adding that the vulnerability crept in after an update to its code in June 2021. While the issue was fixed earlier this year, Twitter says it didn’t account for the likelihood of the attacker already being in possession of the data. This changed last month after an initial wave of publicity to the attack of which Twitter was able to confirm used the zero-day exploit in question after going through one of the samples that were put up for sale.

Twitter said it is notifying each affected user, but admitted that it cannot confirm every account that was exposed due to this security loophole. Accounts run by people who may be sought by governments or other terrorism groups may use the breached dataset to track down their targets. Passwords were not part of the data breach, but the company is advising users to turn on two-factor authentication for their accounts — considering that phone numbers are a threat vector, users should go for either an authentication app or a hardware key, both of which can be set up in the Twitter app’s settings.


Next Post

Best deal on Offcloud (UK)

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

No Result
View All Result

Recent Posts

  • Keke Palmer’s podcast interview with Michelle Buteau is pure joy
  • Acer’s 1,000Hz gaming monitor is real, expensive, and stuck waiting on a launch date
  • De’Longhi has expanded its espresso machine lineup: Where to buy
  • Android 17 has a secret weapon to fix laggy video and voice calls
  • Amy Poehler interviewing Mindy Kaling about being a meme is a delight

Recent Comments

    No Result
    View All Result

    Categories

    • Android
    • Cars
    • Gadgets
    • Gaming
    • Internet
    • Mobile
    • Sci-Fi
    • Home
    • Shop
    • Privacy Policy
    • Terms and Conditions

    © CC Startup, Powered by Creative Collaboration. © 2020 Creative Collaboration, LLC. All Rights Reserved.

    No Result
    View All Result
    • Home
    • Blog
    • Android
    • Cars
    • Gadgets
    • Gaming
    • Internet
    • Mobile
    • Sci-Fi

    © CC Startup, Powered by Creative Collaboration. © 2020 Creative Collaboration, LLC. All Rights Reserved.

    Get more stuff like this
    in your inbox

    Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

    Thank you for subscribing.

    Something went wrong.

    We respect your privacy and take protecting it seriously