Twitter says leaked user data wasn’t stolen from its systems

Twitter says leaked user data wasn’t stolen from its systems

The leak of over 200 million e mail addresses belonging to Twitter customers will not be a results of an inner vulnerability being abused, the corporate has claimed.

In an replace (opens in new tab) posted to the corporate web site, the microblogging platform addressed the speculations that the menace actors abused the identical vulnerability that was patched in January 2022, which hackers used to share particulars on greater than 5 million Twitter customers.

“In response to latest media reviews of Twitter customers’ information being offered on-line, we performed an intensive investigation and there’s no proof that information not too long ago being offered was obtained by exploiting a vulnerability of Twitter programs,” the corporate mentioned. “[The] 200 million dataset couldn’t be correlated with the beforehand reported incident or any information originating from an exploitation of Twitter programs,” it added.

Information taken elsewhere

“Not one of the datasets analyzed contained passwords or data that would result in passwords being compromised.” As a substitute, Twitter believes the leak is an amalgamation of publicly out there databases gathered elsewhere, possible by means of separate leaks. “The information is probably going a set of information already publicly out there on-line by means of completely different sources,” it claims. 

Some specialists are questioning Twitter’s arguments, asking why the corporate didn’t clarify how the leaked information was precisely linked to e mail addresses related to folks’s Twitter accounts. 

The microblogging platform mentioned it reached out to related information safety authorities and different organizations to offer extra particulars in regards to the incident.

In late November 2022, researchers found a significant information dump of delicate identification data (opens in new tab), claiming it was most likely resulting from a vulnerability that allowed anybody to cross-check if an e mail handle or a telephone quantity was related to a Twitter account, and if that’s the case – which one. 

Hundreds of thousands of customers from the US and EU have been uncovered, and the media managed to verify the authenticity of at the least among the information posted to the darkish net. 

  • Take a look at the most effective antivirus applications (opens in new tab) proper now

Through: BleepingComputer (opens in new tab)