Twitter accidentally exposed its users through its forms for contacting the company. The concern here is that malicious attackers could have used the security flaw to figure out where accounts are geographically based, which can have political ramifications.
The company found that a large number of inquiries that had come through its form came from IP addresses located in China and Saudi Arabia.
"While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors," Twitter stated.
Whilst Twitter has tried to bring light to the situation, naming specific countries or suggesting state actors that could be involved can carry heavy implications.
The issue was fixed over November 15th-16th. Twitter has notified the European Union’s Data Protection Commissioner, as EU citizens may have been impacted. However, we report on this as it’s an international issue and Australians’ details could also have been accessed.
Twitter has contacted users who have been impacted directly by the issue, and says full phone numbers were not leaked and users don’t have to do anything in response. However, the investigation is still ongoing and the total number of accounts has not been completely evaluated.
What can I do?
Because Twitter does not know how many were affected, they have created a dedicated page for this issue, which can be found here.
"It is clear that information operations and coordinated inauthentic behavior will not cease. These types of tactics have been around for far longer than Twitter has existed – they will adapt and change as the geopolitical terrain evolves worldwide and as new technologies emerge. For our part, we are committed to understanding how bad-faith actors use our services. We will continue to proactively combat nefarious attempts to undermine the integrity of Twitter, while partnering with civil society, government, our industry peers, and researchers to improve our collective understanding of coordinated attempts to interfere in the public conversation." Twitter, in a statement to TechCrunch.
If you believe that your email has been compromised you can