Trello Outage Disrupts Users as Access Issues Hit Atlassian’s Work Management Platform 
Intel’s Testing of China-Linked Chipmaking Tools Raises U.S. National Security Concerns 
SpaceX CEO Elon Musk Denies Reports of $800 Billion Valuation Fundraise 
Evercore Reaffirms Alphabet’s Search Dominance as AI Competition Intensifies 
SK Hynix Labeled “Investment Warning Stock” After Extraordinary 200% Share Surge 
SpaceX Insider Share Sale Values Company Near $800 Billion Amid IPO Speculation 
GameStop Misses Q3 Revenue Estimates as Digital Shift Pressures Growth 
Australia’s Under-16 Social Media Ban Sparks Global Debate and Early Challenges 
US Charges Two Men in Alleged Nvidia Chip Smuggling Scheme to China 
Trump’s Approval of AI Chip Sales to China Triggers Bipartisan National Security Concerns 
Microsoft Unveils Massive Global AI Investments, Prioritizing India’s Rapidly Growing Digital Market 
EU Court Cuts Intel Antitrust Fine to €237 Million Amid Long-Running AMD Dispute 
Westpac Director Peter Nash Avoids Major Investor Backlash Amid ASX Scrutiny 
Nvidia Develops New Location-Verification Technology for AI Chips 
Moore Threads Stock Slides After Risk Warning Despite 600% Surge Since IPO 
Apple App Store Injunction Largely Upheld as Appeals Court Rules on Epic Games Case 
Twitter recently confirmed that its systems suffered a security breach that primarily affected “pseudonymous accounts.” The exploit, first found last January, reportedly allowed the hacker to figure out if an email address or phone number is linked to a Twitter account.
Twitter hack may have targeted secret accounts
The said security vulnerability was reported through Twitter’s bug bounty program last January, the social media company said in a blog post last week. Twitter then updated its code last June in response to address the security issue but noted that it found “no evidence” at the time that the vulnerability was exploited.
That changed, however, when a “press report” revealed that a hacker possibly exploited the vulnerability. Twitter was likely referring to Bleeping Computer’s report last July 22 that revealed a hacker known as “devil” was selling the data collected through the exploit for $30,000.
In devil’s original post, the hacker claimed it collected data from a total of 5,485,636 Twitter users, including “Celebrities, to Companies, randoms, OGs, etc.” Bleeping Computer said in its July report that it was able to verify the accuracy of a “small sample of data” that the hacker presented. It had no way of knowing, though, if the rest of the claimed data from 5.4 million users are all real.
In Twitter’s statement last week, the company implied that the security impacted only “some accounts.” But it emphasized the incident's potential effect's on users with “pseudonymous accounts” or secret accounts. This corroborated what the hacker previously told Bleeping Computer, claiming that they were able to input email addresses and phone numbers to figure out if it is linked to a Twitter account and to identify its Twitter ID.
Twitter’s advice to keep accounts protected
Due to how the exploit worked, Twitter advised users with pseudonymous accounts to avoid using public email addresses and phone numbers. The company said there was no password exposed in the incident, but it still encouraged users to enable two-factor authentication.
Twitter will directly notify affected users. But the social media company added, “We are publishing this update because we aren’t able to confirm every account that was potentially impacted, and are particularly mindful of people with pseudonymous accounts who can be targeted by state or other actors.”
Photo by Akshar Dave on Unsplash
