Dwelling › Vulnerabilities

Twitter Finds No Proof of Vulnerability Exploitation in Latest Knowledge Leaks

By Eduard Kovacs on January 12, 2023

Tweet

Twitter says it has analyzed the lately marketed databases allegedly containing the data of a whole lot of thousands and thousands of its customers and located no proof {that a} vulnerability has been exploited.

In August 2022, Twitter knowledgeable clients {that a} vulnerability in its programs had been exploited to acquire consumer information. The flaw, patched in January 2022, was used to find out whether or not a specified cellphone quantity or e-mail tackle have been tied to an current Twitter account.

Twitter confirmed exploitation of the vulnerability after studies began circulating that the flaw had been leveraged to gather information on 5.four million customers.

Just a few months later, a cybersecurity skilled mentioned he had obtained a database that appeared to point out the Twitter information breach was far larger than initially reported, with tens of thousands and thousands of impacted accounts.

Twitter mentioned the information was the identical in each circumstances, but it surely by no means clarified precisely what number of customers are believed to be impacted.

In December, simply earlier than Christmas, somebody provided to promote a database of 400 million Twitter consumer information allegedly obtained by the exploitation of the identical flaw.

Just a few weeks later, in early January, a person leaked a database containing the data of roughly 235 million Twitter customers, together with identify, username, e-mail addresses, follower depend, and account creation date. Specialists who analyzed the publicly accessible information mentioned it probably got here from internet scraping.

Twitter confirmed on Wednesday that the 200 million information weren’t obtained by the exploitation of the vulnerability patched in January 2022, nor different weaknesses in its programs.

As well as, the social media large clarified that the 200 million information truly seem like the identical dataset because the beforehand bought 400 million information, however with duplicate entries eliminated.

The corporate additionally clarified that not one of the leaked databases contained any passwords or different info that might result in passwords getting compromised.

“Primarily based on info and intel analyzed to analyze the difficulty, there isn’t a proof that the information being bought on-line was obtained by exploiting a vulnerability of Twitter programs. The info is probably going a set of information already publicly accessible on-line by completely different sources,” Twitter mentioned.

Eire’s Knowledge Safety Fee (DPC) introduced in December that it had launched an investigation in response to the information leak studies involving 5.four million Twitter customers.

Within the assertion revealed this week, Twitter mentioned, “We’re in touch with Knowledge Safety Authorities and different related regulators from completely different nations to supply clarification in regards to the alleged incidents, and we’ll proceed to take action.”

Similar to Fb, Twitter has its European headquarters in Eire. Fb and Instagram have been issued a whole lot of thousands and thousands of euros in fines up to now 12 months in Eire over information privateness violations.

The person providing to promote the 400 million information was truly hoping that the huge fines issued to different social media corporations would persuade Twitter to purchase the information itself to stop it from getting leaked.

Associated: Twitter Logs Out Some Customers Resulting from Safety Situation Associated to Password Resets

Associated: Twitter Safety Chief Resigns as Musk Sparks ‘Deep Concern’

Associated: Twitter Ex-Safety Chief Tells US Congress of Safety Considerations

Get the Each day Briefing

• Most Latest
• Most Learn

• Tesla Returns as Pwn2Own Hacker Takeover Goal
• Twitter Finds No Proof of Vulnerability Exploitation in Latest Knowledge Leaks
• Cisco Warns of Vital Vulnerability in EoL Small Enterprise Routers
• The Guardian Confirms Private Data Compromised in Ransomware Assault
• Threema Beneath Fireplace After Downplaying Safety Analysis
• Subtle ‘Darkish Pink’ APT Targets Authorities, Navy Organizations
• Just lately Disclosed Vulnerability Exploited to Hack A whole lot of SugarCRM Servers
• Extreme Vulnerabilities Permit Hacking of Asus Gaming Router
• Cyber Incident Hits UK Postal Service, Halts Abroad Mail
• Crimson Hat Publicizes Normal Availability of Malware Detection Service

On the lookout for Malware in All of the Improper Locations?

First Step For The Web’s subsequent 25 years: Including Safety to the DNS

Tattle Story: What Your Pc Says About You

Be in a Place to Act By means of Cyber Situational Consciousness

Report Reveals Closely Regulated Industries Letting Social Networking Apps Run Rampant

2010, A Nice 12 months To Be a Scammer.

Do not Let DNS be Your Single Level of Failure

Easy methods to Determine Malware in a Blink

Defining and Debating Cyber Warfare

The 5 A’s that Make Cybercrime so Engaging

Easy methods to Defend Towards DDoS Assaults

Safety Budgets Not in Line with Threats

Anycast – Three Causes Why Your DNS Community Ought to Use It

The Evolution of the Prolonged Enterprise: Safety Methods for Ahead Considering Organizations

Utilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous Enterprise

SecurityWeek Podcast

Orbit Brain

https://orbitbrain.com/

Orbit Brain is the senior science writer and technology expert. Our aim provides the best information about technology and web development designing SEO graphics designing video animation tutorials and how to use software easy ways
and much more. Like Best Service Latest Technology, Information Technology, Personal Tech Blogs, Technology Blog Topics, Technology Blogs For Students, Futurism Blog.