« Samsung's next foldable phone might come with a glass display | Main | Google Photos might soon allow you to zoom in on videos »
Thursday
Dec262019

Twitter for Android bug matched 17 million phone numbers to user accounts

DateThursday, December 26, 2019 at 9:33AM

Embed from Getty Images 

Security research Ibrahim Balic claimed to have exploited a bug on Twitter's Android app that let him match 17 million phone numbers to users' accounts. He was able to upload full lists of generated phone numbers through the app's contacts upload feature. TechCrunch reported the discovery and Twitter had blocked the flaw on December 20. 

Balic generated over two billion numbers, and he was able to match it to records of users in France, Germany, Iran, Greece, Turkey, Israel, and Armenia. He was able to fetch user data on them and informed high-profile Twitter users, through a WhatsApp group, about the vulnerability. Balic didn't alert Twitter about the vulnerability, though. Twitter assures TechCrunch that the bug "cannot be exploited again."

AuthorNicole Batac | CommentPost a Comment |
Print ArticlePrint Article tagged in , , , , , , , ,

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>

Notify me of follow-up comments via email.