Twitter has fixed the security bug that exposes data at least 54 accounts on its platforms prepared for sale on dark websites.
Twitter said that if you operate the Pseudonym Twitter account, “We understand the risk of incidents like this can introduce and very sorry that this happens”.
In order for your identity to be hidden, we recommend not to add a telephone number or email address that is known to your Twitter account,” the company said in a statement on Friday night.
The company said that while there was no password that was exposed, “We encourage everyone who uses Twitter to activate the authentication of two factors using authentication applications or hardware security keys to protect your account from an invalid login”.
Vulnerability allows bad actors to enter telephone numbers or email addresses into the flow in an effort to learn whether the information is related to the existing Twitter account, and if so, which specific account.
We take our responsibility to protect your privacy very seriously and very unfortunate this happens, “Twitter said.
Twitter in January received a report through a bug gift program from vulnerability in its system.
“As a result of vulnerability, if someone sends an email address or telephone number to the Twitter system, the Twitter system will tell the person what a Twitter account is associated with the email address or telephone number sent, if any,” said the company.
In July, Twitter learned that someone has the potential to use this (bug) and offers to sell the information they have compiled.
“After reviewing the available data samples for sale, we confirm that bad actors have used this problem before being resolved,” Twitter said.