[ Dec 20 , 2018 ]
Twitter has been hit with a minor data breach incident that the social networking site believes linked to a suspected state-sponsored attack.
In a blog post published on Monday, Twitter revealed that while investigating a vulnerability affecting one of its support forms, the company discovered evidence of the bug being misused to access and steal users’ exposed information.
Discovered in mid-November, the support form API bug exposed considerably less personal information, including the country code of users’ phone numbers associated with their Twitter account, and “whether or not their account had been locked.”
Twitter also assures its users that the issue does not expose full phone numbers or any other personal data related to the user.
Twitter says that the social networking site addressed the issue within just one day on November 16 and that there is no action required from the users’ side.
In May, Twitter urged all of its 330 million users to change their passwords after a software glitch unintentionally exposed its users’ account passwords by storing them in plain text on an internal log.