When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Twitter says state-actors may have gained access to people's phone numbers

Twitter has announced that it has found attempts by hackers to access phone numbers registered with user accounts. The social network became aware of the attack on December 24, 2019, and said that a large number of fake accounts were attempting to exploit its API to match usernames to phone numbers.

Twitter believes that the attack could be state-backed because it observed a high volume of requests coming from individual IP addresses located in Iran, Israel, and Malaysia but beyond that, it’s unclear who the perpetrator is. It said that it was disclosing the possible link to a state “out of an abundance of caution and as a matter of principle.”

The feature is supposed to let new users upload their contact book to find their friends and family already registered on the platform. Users that don’t want to be found in this way can disable the option. Twitter said that users who had the option disabled in the first place or do not have a phone number associated with their account were not affected by this vulnerability.

To address the problem, Twitter has altered the feature so that specific account names are no longer given in response to queries. It has also suspended accounts that were found to be making use of this exploit. The company said that it is “very sorry” for what has happened.

Report a problem with article
A Google logo on top of a colorful red and green background
Next Article

YouTube generated $15 billion ad revenue in 2019, has over 20 million paid subscribers

Previous Article

Chinese phone firms ask the FCC not to label them as national security risks

Join the conversation!

Login or Sign Up to read and post a comment.

6 Comments - Add comment