Thursday, February 9, 2023
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory
  • Login
  • Register
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
No Result
View All Result
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
No Result
View All Result
Cloud7 News
No Result
View All Result

Home > Cybersecurity > Millions of Twitter accounts are exposed

Millions of Twitter accounts are exposed

Twitter informed about a vulnerability that allowed anyone to find out if there was an existing Twitter account by submitting just a phone number or email address into the log-in.


Hanife Diktas Hanife Diktas
August 9, 2022
2 min read
Millions of Twitter accounts are exposed
  • Twitter informed about a vulnerability that allowed any third party to obtain Twitter ID by entering a phone number or email address into the log-in.
  • An update to Twitter code in June 2021 caused this vulnerability. Currently, Twitter is not able to confirm if every account was potentially impacted.
  • An author called Devil made it public that it had information about 5.4 million users including celebrities, companies, random users, etc., and asked for at least $30,000 for the database.

In a recent Twitter blog post, the company made aware of a vulnerability that allowed anyone to enter a phone number or email address into the log-in and learn whether there is a Twitter ID connecting to that credential. Apparently, this vulnerability let some cyber actors find out about the Twitter IDs of millions of users and put the related information on sale on breach forums.

A database of 5.4 million users might be stolen

Twitter was notified about this bug during a bug bounty program. A HackerOne user called “Zhirinovsky” alerted the company in January of 2022. The bug is described as allowing any party without any verification to get a Twitter ID by submitting only a phone number or an email address. In its report Zhirinovsky stated;

« The vulnerability allows any party without any authentication to obtain a twitter ID (which is almost equal to getting the username of an account) of any user by submitting a phone number/email even though the user has prohibitted this action in the privacy settings. »

Twitter said this vulnerability was caused by an update to their code in June 2021. The company did not mention in its blog post how many of its user’s data was breached. It only stated that it had fixed the flaw immediately after it had been reported. During that time, the company did not know if any information was stolen as a result of the vulnerability. But in July, they learned that someone had potentially taken advantage of it indeed. An author called Devil allegedly claimed to have information about 5.4 million users including celebrities, companies, and random users and put the information sale on breached forums. The seller asked for at least $30,000 for the database.

Hacked Twitter data for sale
Hacked Twitter data for sale

As a response, Twitter said they will be directly notifying the account owners that were affected by this bug. They published the news because they are not able to confirm if every account was potentially impacted. The company suggests the users use a pseudonymous account to keep their identity as veiled as possible and not add a publicly known phone number or email address to their Twitter account.

See more Cybersecurity News


Tags: Twitter
Hanife Diktas

Hanife Diktas

Hanife Diktas is a news editor at Cloud7 News. Hanife started her career in the manufacturing sector in the marketing and sales department. Hanife worked in industrial equipment, renewable energy, and technology sectors. Hanife Diktas did her bachelor's degree in business administration and completed a master's degree in management at Yeditepe University in Istanbul, Turkey. Hanife is a Linux user, and she also contributed to AlmaLinux OS at the beginning of the project. Hanife focuses on web hosting, cloud computing, data centers, cybersecurity, Linux OS, and virtualization technologies. Hanife enjoys creating content and shooting videos covering these topics.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Next Post
EndeavourOS Artemis Neo is released with minor improvements

EndeavourOS Artemis Neo is released with minor improvements

Related News

New variant of VMware ransomware prevents recovery

New variant of VMware ransomware prevents recovery

February 9, 2023 3:15 pm
CISA publishes VMware ESXi ransomware recovery tool

CISA publishes VMware ESXi ransomware recovery tool

February 8, 2023 3:45 pm
New local privilege escalation vulnerability strikes X.Org server

New local privilege escalation vulnerability strikes X.Org server

February 7, 2023 9:45 pm
Red Hat brings new security capabilities to Red Hat OpenShift

Red Hat brings new security capabilities to Red Hat OpenShift

February 7, 2023 8:55 pm
Get free daily newsletters from Cloud7 News Get the Cloud7 Newsletter
Select list(s):

Check your inbox or spam folder to confirm your subscription.

By subscribing, you agree to our
Copyright Policy and Privacy Policy

Get the free newsletter

Subscribe to receive the latest IT business updates straight to your inbox.

Select list(s):

Check your inbox or spam folder to confirm your subscription.

Editor's Choice

What’s new in Linux kernel 6.2 rc6?

10 Best Web Hosting Services of 2023

Ubuntu 22.04 LTS is available for download. What is new?

CERN and Fermilab recommend AlmaLinux

7 best hosting control panels of 2023

How to update Linux Kernel without rebooting?

7 best Linux mail servers of 2023

7 best cPanel alternatives for 2023

7 best Linux web browsers for 2023

7 best CentOS alternatives

7 best Linux server distros of 2023

Interview with Igor Seletskiy on AlmaLinux

How to create a VM on VMware Workstation

Recent News

  • New variant of VMware ransomware prevents recovery
  • Twitter Blue benefits increase but the API will now cost $100 per month
  • Linux 6.1 is a Long-Term Support (LTS) Kernel now
  • Digital Realty signs 10-year power purchase agreement with ENGIE
  • Zoom to lay off 15% of its employees

Cloud7 News
Cloud7 is a news source that publishes the latest news, reviews, comparisons, opinions, and exclusive interviews to help tech users of high-experience levels in the IT industry.

EXPLORE

  • Web Hosting
  • Cloud Computing
  • Data Center
  • Cybersecurity
  • Linux
  • Network/Internet
  • Software
  • Hardware
  • How-Tos
  • Troubleshooting

RESOURCES

  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

Get the Cloud7 Newsletter

Get FREE daily newsletters from Cloud7 delivering the latest news and reviews.

  • About
  • Privacy & Policy
  • Copyright Policy
  • Contact

© 2023, Cloud7 News. All rights reserved.

No Result
View All Result
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

© 2023, Cloud7 News. All rights reserved.

Welcome Back!

Sign In with Facebook
Sign In with Google
Sign In with Linked In
OR

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Sign Up with Facebook
Sign Up with Google
Sign Up with Linked In
OR

Fill the forms below to register

*By registering into our website, you agree to the Terms & Conditions and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.