Amongst the various Twitter data breaches that have occurred recently, a forum data breach has gained attention. According to media reports and statements issued by Twitter's investigating team, one of Twitter's support forums was breached by an entity with ties to a state-sponsored attack.
The important point to consider is that the breached Twitter forum was dedicated to supporting account holders who face issues with their accounts and need to contact Twitter about logins etc.
As per reports, Twitter started to address the identified breach around November 15 and claimed to have resolved it by November 16. However, during the breach, the hackers were able to get hold of the country code of Twitter users' phone numbers, in cases where the Twitter account was associated with the user's phone number.
Apart from personal details such as phone numbers, the hackers were also able to gauge whether an account had been locked by Twitter, which it does when it finds unusual activity or violations of the company's rules or terms of service.
As per the statement given by Twitter, the important point is that “this issue did not expose full phone numbers or any other personal data. We have directly informed the people we identified as being affected. We are providing this broader notice as it is possible that other account holders we cannot identify were potentially impacted.”
The company also stated that it is still investigating the origin of the attack and where it was being directed from, in order to build a thorough background of the attacker and inform users better.
As of now, during its investigation, the company has “noticed some unusual activity involving the affected customer support form API. Specifically, we observed a large number of inquiries coming from individual IP addresses located in China and Saudi Arabia. While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors.”
Twitter has further stated that it remains committed to full transparency and that it has notified law enforcement about its research on the breach. As before, Twitter will inform its users via its biannual Twitter Transparency Report, which publishes trends in a number of areas, including platform manipulation, information requests, email privacy, and removal requests.
Further, as of now, no action is required by account holders and Twitter has already resolved the issue.
For users' convenience, Twitter has also launched a data protection inquiry form for users who have questions or concerns. This is to provide a safe medium for users to contact Twitter's data protection officer, Damien Kieran.
As stated earlier, this is not the first such data breach on Twitter. In May 2018, a bug exposed Twitter users' passwords that were stored in plain text in an internal log. At that time the company urged its users to change their passwords.
Just four months later, Twitter's Account Activity API allowed third-party developers to accidentally expose user activity data. The bug affected less than 1% of Twitter users; however, it remained at large for more than a year, from May 2017 to September 2018.
The increasing breaches are not just a result of the evolution of expert hackers but, most importantly, of the carelessness of data-handling entities, which needs to be addressed.