Twitter announced on its help center page on December 17, 2018, that it had experienced a data leak. The social networking giant revealed that it identified the attack on November 15, 2018, and that the attack targeted one of its support forms, which account holders use to contact Twitter about any issues they have with their accounts. The firm confirmed that it fixed the issue the very next day.
The firm stated that the data breach did not expose full phone numbers or any other private data. Twitter also revealed that it observed a large number of inquiry requests coming from individual IP addresses, primarily from China and Saudi Arabia, and suspects it to be a state-sponsored attack.
The attackers identified a vulnerability in Twitter’s support forms which allowed them to discover the country code of a user’s phone number if one was associated with the Twitter account. This vulnerability also allowed the attackers to identify whether or not a user’s account had been locked by Twitter.
“While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors,” Twitter said.
Twitter said that it has notified the potentially affected users and has also notified law enforcement authorities regarding the incident.
“We recognize and appreciate the trust you place in us and are committed to earning that trust every day. We are sorry this happened,” Twitter concluded.