Friday 5 August 2022 06:40 PM Twitter patches software flaw that let a hacker steal information from 5.4 ... trends now
View
comments
Twitter revealed the zero-day vulnerability that allowed a bad actor to compile a list of 5.4 million account profiles in December 2021 is now patched as of Friday.
A zero-day vulnerability is a software flaw that is unknown to the parties responsible for the site and is live an open window for those lurking in the backend of the website.
The vulnerability allowed the hacker known as 'devil' to scrape Twitter and collect phone numbers and emails associated with the millions of accounts that belonged to 'celebrities, companies and random people,' according to a post by the hacker on the dark web that says the collection was due to 'Twitters incompetence.'
The fix comes too late, as the hacker already uploaded the data to the dark web and was selling the accounts for $30,000 each – it is not clear how many have been bought, BleepingComputer reports.
Scroll down for video
Twitter patched a flaw in its software that let a hacker compile phone numbers and email address associated with 5.4 million accounts
Twitter disclosed in a security advisory Friday: 'In January 2022, we received a report through our bug bounty program of a vulnerability that allowed someone to identify the email or
