Hackers Exposed 5.4 Million Secret Twitter Accounts

A security flaw in Twitter permitted a criminal to access the usernames of accounts that were associated with specific telephone numbers and email addresses, Twitter confirmed on Friday.

Twitter first patched the flaw in January after receiving a complaint via its bug bounty programme; however, a hacker was able to exploit the vulnerability before Twitter even realized it existed.

The flaw, which resulted from an update to the platform's software implemented in June, did not become known until this year.

It took hackers a long time to exploit the vulnerability; however, Twitter declared that the company "had no evidence that suggested that anyone had exploited this vulnerability" at the time of its discovery.

The report published last month by Bleeping Computer suggested otherwise. 

It showed that a hacker could exploit the vulnerability even while it was not on Twitter's radar.

The hacker reportedly accumulated a database of more than 5.4 million accounts by exploiting the flaw. 

The hacker then attempted to sell the data on a hacker forum for $30,000.

After studying the data uploaded to the forum, Twitter verified that users' data had been compromised.

It's unclear at this point how many users have been affected by this, and Twitter isn't sure.

Although Twitter promises to send out notifications to affected users, it's not "able to verify each account that could be affected."

Twitter recommends that anyone concerned about their private accounts activate two-factor authentication and attach an email address or phone number that is not public to any account they don't want to be associated with.