Micron Stock Surges on Strong AI Demand, Record Revenue, and Bullish Q4 Forecast 
Meta Seeks Legal Shield From Child-Harm Lawsuits Amid KOSA Talks 
Doncasters Raises $919 Million in NYSE IPO as Aerospace Growth Accelerates 
SK Hynix Moves Closer to New York ADR Listing Amid AI Chip Boom 
Fortescue Faces Class Action Over Sexual Harassment Claims at Australian Mining Sites 
KPMG Australia Chairman and Senior Partners Exit Amid Escalating Whistleblower Scandal 
SK Hynix Targets $29.4 Billion Nasdaq Listing to Expand AI Chip Business 
Alphabet Stock Slides as AI Talent Exodus and SpaceX Losses Shake Investor Confidence 
SpaceX Stock Rebounds After Sharp Selloff, But Valuation Concerns Persist 
Alibaba Shares Fall After Anthropic Alleges Massive AI Model Distillation Campaign 
US-Iran De-Escalation Shifts Washington’s Focus to AI Regulation and Crypto Legislation 
Kioxia Targets U.S. Listing as AI Chip Boom Accelerates 
Anthropic AI Model Uncovers Vulnerabilities in Classified U.S. Government Systems During Security Test 
Tesla and NatPower Partner on $5 Billion Battery Storage Expansion in Europe 
SpaceX Stock Plunges 16% as KeyBanc Warns Valuation May Be Overstretched 
Twitter recently confirmed that its systems suffered a security breach that primarily affected “pseudonymous accounts.” The exploit, first found last January, reportedly allowed the hacker to figure out if an email address or phone number is linked to a Twitter account.
Twitter hack may have targeted secret accounts
The said security vulnerability was reported through Twitter’s bug bounty program last January, the social media company said in a blog post last week. Twitter then updated its code last June in response to address the security issue but noted that it found “no evidence” at the time that the vulnerability was exploited.
That changed, however, when a “press report” revealed that a hacker possibly exploited the vulnerability. Twitter was likely referring to Bleeping Computer’s report last July 22 that revealed a hacker known as “devil” was selling the data collected through the exploit for $30,000.
In devil’s original post, the hacker claimed it collected data from a total of 5,485,636 Twitter users, including “Celebrities, to Companies, randoms, OGs, etc.” Bleeping Computer said in its July report that it was able to verify the accuracy of a “small sample of data” that the hacker presented. It had no way of knowing, though, if the rest of the claimed data from 5.4 million users are all real.
In Twitter’s statement last week, the company implied that the security impacted only “some accounts.” But it emphasized the incident's potential effect's on users with “pseudonymous accounts” or secret accounts. This corroborated what the hacker previously told Bleeping Computer, claiming that they were able to input email addresses and phone numbers to figure out if it is linked to a Twitter account and to identify its Twitter ID.
Twitter’s advice to keep accounts protected
Due to how the exploit worked, Twitter advised users with pseudonymous accounts to avoid using public email addresses and phone numbers. The company said there was no password exposed in the incident, but it still encouraged users to enable two-factor authentication.
Twitter will directly notify affected users. But the social media company added, “We are publishing this update because we aren’t able to confirm every account that was potentially impacted, and are particularly mindful of people with pseudonymous accounts who can be targeted by state or other actors.”
Photo by Akshar Dave on Unsplash
