Beware! Twitter Security Is Vulnerable, Hackers Can Know Your Email Address And Phone Easily

Twitter is still vulnerable to hacking. (photo: doc. pixabay)

JAKARTA - A security vulnerability on Twitter allowed malicious actors to find out the account names associated with certain email addresses and phone numbers. This also includes your secret account. Twitter has also confirmed on Friday, August 6.

Twitter originally patched the issue in January after receiving reports through its bug bounty program. But a hacker again managed to exploit the weakness before Twitter even knew about it.

The vulnerability, which stems from an update the platform made in its code in June 2021, was unknown until earlier this year. This gave hackers several months to exploit the vulnerability, although Twitter said it had "no evidence to suggest someone had taken advantage of the vulnerability" at the time of its discovery.

A report last month from Bleeping Computer suggested otherwise. They even revealed that a hacker managed to exploit the vulnerability while it was under Twitter's radar.

The hacker reportedly amassed a database of more than 5.4 million accounts by exploiting the flaw, and then tried to sell the information on hacker forums for $30,000. After analyzing the data posted to the forum, Twitter confirmed that its users' data had been compromised.

It's still unclear how many users were actually affected, and Twitter doesn't seem to know either. While Twitter said it plans to notify affected users, it cannot "confirm every potentially impacted account."

Twitter advises anyone who cares about their secret accounts to enable two-factor authentication, as well as attach an email address or phone number that is not publicly known to accounts they don't want to be associated with.