A security flaw accidentally exposed by Twitter has allowed access to the phone number country codes of its users. This is a huge blunder and many are considering this as alarming.
This is so because there are many users of the social media platform who want their location to remain a secret. The security flaw also allowed access to hackers to know whether a Twitter account has been locked or not.
Among those who want their location to be a secret are many whistleblowers and political asylum seekers who also do not want their identity to become public.
Twitter’s support forms made this issue possible to be identified. According to reports, many of the requests had come to the firm from China and Saudi Arabia, which are amongst the the most undemocratic countries.
“While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors,” said Twitter in an official statement.
The belief of Twitter about the possibility of the involvement of some state-level espionage is not yet clear but there are some issues ot be suspicious of such occurrences behind the incident.
Many analysts feel that when there is any involvement of countries such as like China and Saudi Arabia, one has to be suspicious of something sinister going behind the scenes. And this assumption has raised alarms among some observers and experts.
According to reports, it took Twitter 24 hours or more to fix the issue – having started to fix the problem on November 15th and ending it on November 16th. According to further reports, nothing major happened within this period.
“We have become aware of an issue with one of our support forms which may have been used to discover the country code of certain people’s phone numbers and whether the account had been locked by Twitter. This issue did not expose full phone numbers or any other personal data,” said Twitter.
The incident has been reported to the European Union’s Data Protection Commissioner because of the possibility of European users being affected by the data breach. The security breach however reportedly did not violate any GDPR regulations because users’ country code is not considered to be sensitive personal information.
The incident has also reported to the US Federal Trade Commission (FTC) by Twitter. The breach was downplayed by the social media platform because it claimed that complete phone numbers were not exposed.
Twitter has been on earlier occasions faced criticism related to bitcoin scams taking over many popular accounts.
The latest data breach was communicated to the affected users directly by Twitter.
Twitter said in a statement that long before the company came into existence, there had been existence of nefarious deeds.
According to the company, such acts would continue to occur and criminals would alter and adapt their tactics and find out new methods to cause damage. But the company would continue to enhance security of its systems, the company said.
(Source:www.techengage.com)
This is so because there are many users of the social media platform who want their location to remain a secret. The security flaw also allowed access to hackers to know whether a Twitter account has been locked or not.
Among those who want their location to be a secret are many whistleblowers and political asylum seekers who also do not want their identity to become public.
Twitter’s support forms made this issue possible to be identified. According to reports, many of the requests had come to the firm from China and Saudi Arabia, which are amongst the the most undemocratic countries.
“While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors,” said Twitter in an official statement.
The belief of Twitter about the possibility of the involvement of some state-level espionage is not yet clear but there are some issues ot be suspicious of such occurrences behind the incident.
Many analysts feel that when there is any involvement of countries such as like China and Saudi Arabia, one has to be suspicious of something sinister going behind the scenes. And this assumption has raised alarms among some observers and experts.
According to reports, it took Twitter 24 hours or more to fix the issue – having started to fix the problem on November 15th and ending it on November 16th. According to further reports, nothing major happened within this period.
“We have become aware of an issue with one of our support forms which may have been used to discover the country code of certain people’s phone numbers and whether the account had been locked by Twitter. This issue did not expose full phone numbers or any other personal data,” said Twitter.
The incident has been reported to the European Union’s Data Protection Commissioner because of the possibility of European users being affected by the data breach. The security breach however reportedly did not violate any GDPR regulations because users’ country code is not considered to be sensitive personal information.
The incident has also reported to the US Federal Trade Commission (FTC) by Twitter. The breach was downplayed by the social media platform because it claimed that complete phone numbers were not exposed.
Twitter has been on earlier occasions faced criticism related to bitcoin scams taking over many popular accounts.
The latest data breach was communicated to the affected users directly by Twitter.
Twitter said in a statement that long before the company came into existence, there had been existence of nefarious deeds.
According to the company, such acts would continue to occur and criminals would alter and adapt their tactics and find out new methods to cause damage. But the company would continue to enhance security of its systems, the company said.
(Source:www.techengage.com)