Twitter has revealed that a flaw in the company’s “contacts upload” feature has been discovered, with attempts having made by several state actors to allegedly access the phone numbers of users. A “high volume of requests” to use the feature was detected from IP addresses from Iran, Israel, and Malaysia.
“We observed a particularly high volume of requests coming from individual IP addresses located within Iran, Israel, and Malaysia. It is possible that some of these IP addresses may have ties to state-sponsored actors. We are disclosing this out of an abundance of caution and as a matter of principle.”
According to a Reuters report, Twitter suspects that a government connection here, with the “attackers” in Iran having unrestricted access to the platform despite it being banned int he country. All of the connected accounts have been suspended in the meantime, and Twitter says that they have “fixed” the issue.
According to Techcrunch, a security researcher said he matched 17 million phone numbers to Twitter accounts after exposing a vulnerability in the company’s Android app. In a nutshell, the issue stems from the contact upload feature. He explained that if you upload entire lists of random phone numbers, Twitter fetches user data in return, enabling you to match these numbers to their users.
Not everyone is affected, it appears. Twitter explained in a blog post that only users with the “Let people who have your phone number find you on Twitter” option with an associated phone number are susceptible, although the loophole has been fixed.
“We’re very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day.”
There doesn’t appear to be any concrete news on who these “state actors” are, however. And it seems that Twitter doesn’t really know who exactly the perpetrators are—or they’re not pursuing it, I don’t know. State actors, by their very definition, are supposed to be parties acting on behalf of governments, which certainly is a scary thought.
And this isn’t the first time that Twitter and its users’ info has allegedly been misused for political agendas. Last year, 88,000 accounts from Saudi Arabia were suspended by the company for “manipulating” the platform as part of a state-backed information campaign. And Google has also revealed data privacy concerns of its own—some users reportedly had their private videos sent to total strangers while backing up their images on Google Photos.
Malaysia Airlines has temporarily grounded its brand new Airbus A330neo after completing four commercial flights.…
Pro-Net recently revealed that you only need to service the new Proton e.MAS 7 EV…
The Proton e.MAS 7 is one of the most value for money SUVs at the…
Samsung has announced that it will be holding its press conference titled "AI for All:…
Modern smartphones are very capable computing devices, thanks to powerful hardware trickling down the price…
If you're a CelcomDigi Postpaid 5G customer and can't get fibre broadband for your home,…
This website uses cookies.