Khaleej Times, Aug 7, 2022 | Muharram 9, 1444
Twitter breach exposed anonymous account owners
A vulnerability in Twitter's software that exposed an undetermined number of
owners of anonymous accounts to potential identity compromise last year was
apparently exploited by a malicious actor, the social media company said Friday.
It did not confirm a report that data on 5.4 million users was offered for sale
online as a result but said users worldwide were affected.
The breach is especially worrisome because many Twitter account owners,
including human rights activists, do not disclose their identities in their
profiles for security reasons that include fear of persecution by repressive
authorities.
“This is very bad for many who use pseudonymous Twitter accounts," US Naval
Academy data security expert Jeff Kosseff tweeted.
The vulnerability allowed someone to determine during log-in whether a
particular phone number or email address was tied to an existing Twitter
account, thereby revealing account owners, the company said.
Twitter said it did not know how many users may have been affected, and stressed
that no passwords were exposed.