Twitter says there is 'no evidence' data leak came from exploiting its systems

world
Twitter Says There Is 'No Evidence' Data Leak Came From Exploiting Its Systems
Hackers have posted a list online they claim contains the usernames and email addresses of 200 million Twitter users. Photo: PA Images
Share this article

Martyn Landi, PA Technology Correspondent

Twitter says a list of usernames and passwords posted online by hackers was not obtained by exploiting vulnerabilities in the social media site’s security systems.

The company said it has carried out an investigation following reports earlier this month that a database had been posted online showing account details for more than 200 million Twitter users.

Advertisement

According to reports from security researchers and others, the usernames and email addresses in the leak were compiled from several other, earlier Twitter breaches dating back to a bug in Twitter’s systems created in 2021 and fixed in early 2022.

The bug meant that anyone who submitted an email address or phone number to Twitter’s systems would be told what account those details were linked to if any – a flaw that Twitter confirmed last summer had been exploited by hackers.

Advertisement

 

However, Twitter says its investigation into this latest dataset found that the information in the database “could not be correlated with the previously reported incident or any data originating from an exploitation of Twitter systems”.

“Therefore, based on information and intel analysed to investigate the issue, there is no evidence that the data being sold online was obtained by exploiting a vulnerability of Twitter systems,” the company said.

“The data is likely a collection of data already publicly available online through different sources.”

Advertisement

Twitter joined cybersecurity experts in urging users to protect their accounts by ensuring they use a strong password and two-factor authentication to prevent unauthorised log-ins.

“We also encourage Twitter users to remain extra vigilant when receiving any kind of communications over email, as threat actors may leverage the leaked information to create very effective phishing campaigns.

“Be wary of emails conveying a sense of urgency and emails requesting your private information, always double check that emails are coming from a legitimate Twitter source.”

Advertisement
Elon Musk
Elon Musk completed his takeover of Twitter in October (PA)

The latest incident comes as the social media giant continues to face questions over its general security and its wider future under the leadership of Elon Musk, who completed his takeover of the platform in October.

Although the bug linked to these data leaks occurred well before Mr Musk’s takeover, many experts have raised concerns about the number of staff now leaving Twitter and whether the platform is able to remain as secure with substantially reduced staff in place.

Late last year, Mr Musk pledged to stand aside as Twitter chief executive after users voted in an online poll for him to stand down.

Advertisement

However, the billionaire has not given any timeframe on that move, only saying he would hand over the day-to-day running of the site once he finds someone “foolish enough” to take on the role.

Read More

Message submitting... Thank you for waiting.

Want us to email you top stories each lunch time?

Download our Apps
© BreakingNews.ie 2024, developed by Square1 and powered by PublisherPlus.com