A malicious actor reportedly exploited a vulnerability in American social media platform, Twitter’s software that exposed the potential identity of a number of anonymous Twitter account owners last year, according to the social media giant.
According to reports, although Twitter did not confirm the report that more than 5.4 million users’ data was put up for sale online, it stated that that users all around the world were affected by the breach.
This breach is particularly worrisome as it compromises the identity of many Twitter account owners, like human right activists, who prefer not to reveal their identities for security purposes, owing to the fear of being persecuted by the state authorities.
The company added that the breach enabled people to understand if a specific email address or a phone number was associated with an existing Twitter account, thus confirming the account owners’ identities.
Twitter did not reveal the number of users that have been affected, but it clarified that no passwords have been exposed. In this context, a Twitter spokesperson revealed via email that they were unable to determine the number of impacted accounts and the locations of the users.
Twitter’s acknowledgement about the breach follows a report by Restore Privacy, an advocacy group for digital privacy, which exposed that data harvested from the vulnerability was being sold on popular hacking platform for $30,000.
According to sources, a security researcher who discovered the glitch and informed Twitter was paid a bounty of $5,000, with Twitter later stating that the bug was immediately taken care of.
According to Twitter, it came to know about the data sale from media reports and found that some bad actor was taking advantage of this situation. It also added that it was directly informing the owners of the affected accounts.
For users who do not wish to reveal their identities, the social media company recommended that they should not add their email address or phone number to their account.
The news about the breach comes at a time, when Twitter is engaged in a legal battle with Elon Musk, the CEO of Tesla, over the billionaire's decision to back out from his $44 billion Twitter acquisition deal.