Networks Twitter verification will return in December with a new classification in three colors
The identification of another filtered database of
users has alerted to more than one malicious actor making use of the same vulnerability that the company already recognized this summer and which then affected more than 5.4 million users.
An update to Twitter's security code implemented in June 2021 generated a vulnerability that a hacker from the
HackerOne
firm reported to the company in January, as part of its 'bugs' (errors) and bounty program.
Twitter assured that as soon as it found out about the failure, it solved it, and acknowledged that due to said vulnerability, the platform had been the victim of a
cyberattack
that resulted in the theft and leaking of the data of 5.4 million users.
Security expert
Chad Loder
has now warned that the vulnerability could be exploited by more malicious actors, given the database he has identified and which had not been previously reported.
Loder states that he has had access to a sample with which he has been able to verify that it is real user data.
Specifically, of telephone numbers of users in
France
, although the database includes information on millions of users in the European Union and the United States.
Leaked phone numbers are linked to accounts that have enabled the feature that allows other people to find the user by their phone number.
And it affects users with verified accounts, celebrities, politicians, and government agencies.
The cybersecurity expert does not believe that it is the same data breach that Twitter recognized in the summer, despite the fact that they have the same system failure in common, since it involves different data and different affected accounts.
Loder has shared his findings on both Twitter and
Mastodon
.
In the first social network, his account has been suspended, although you can consult the thread on the data breach in
Archive.org
.
On the other hand, from the specialized portal
Bleeping Computer
r they have reported that the database that affected 5.4 million users, which was put up for sale through
Breached Forums
, has now appeared for free on the same website.
hacking forum.
According to the criteria of The Trust Project
Know more
Twitter
European Union
USA