Twitter has just confirmed that at the end of 2021 it suffered an attack due to a vulnerability in its code, an action that caused a data exposure that affected millions of people.
The hacker took advantage of the error in the code to get hold of the information, and Twitter discovered the security hole shortly after, fixing the problem in January of this year.
A security researcher discovered the issue, used the company’s bounty program, and allowed the issue to be fixed before more data is stolen from the company.
Twitter at first thought that the problem had not been exploited by anyone, but someone told Bleeping Computer that this was not the case, that more than 5 million account records were stolen. This now allows the hacker to have information to verify the relationship between email accounts, phone numbers, and Twitter accounts, making it easy to determine the identity of an account owner.
Twitter commented on your accountwhich may be affected, mainly, the accounts with pseudonyms, the anonymous ones that publish content with fear of reprisals, since with this theft of information, no anonymous account is safe.
Now Twitter will notify the owners of affected accounts, mainly those who make an effort to keep their identity hidden, while recommending that users who want to remain anonymous never add their phone or email publicly in the Twitter account, something that surely nobody does nowadays.
It is also recommended to activate the two-factor authentication mode, of course.
