Twitter today announced that the platform’s support form had been hit by a data breach exposing user data to IP addresses from Saudi Arabia and China.
The leaked data contains the country codes of the phone numbers linked to users’ accounts. In an official statement, the social media platform said that phone numbers and other confidential user data had not been exposed in the attack.
Twitter identified the attack on November 15 when “some unusual activity involving the affected customer support form API” was noticed. A large number of inquiries were received from individual IP addresses located in China and Saudi Arabia.
The attackers exploited a bug in the support form that allowed them to learn the country code of the phone number linked to an account and whether the account had been locked by Twitter. Twitter locks an account if it has been compromised or when it violates the social media platform’s guidelines.
Twitter indicated that it suspected a state-sponsored attack, saying, “While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors.”
The company resolved the issue by 16th November and has notified all the affected users individually. Law enforcement agencies have also been notified about the data breach.
Soon after the announcement, Twitter’s shares tumbled 6.8 percent. This is the second time the social media platform has been breached. Earlier, in September, Twitter announced that the platform had been hit by an API bug that might have leaked users’ private messages to some app developers.