Twitter discloses suspected state-sponsored attack

Twitter says data leak occurred after an attack targeting a vulnerability in its support form system.
Written by Catalin Cimpanu, Contributor

Social networking site Twitter announced today another data leak that occurred on its platform, which the company said it is investigating as a suspected state-sponsored attack.

In a support page published earlier today, Twitter said that it detected the attack on November 15 when it "observed a large number of inquiries coming from individual IP addresses located in China and Saudi Arabia."

These requests targeted the company's support form, which users had been using to report issues to Twitter's staff.

Twitter said that attackers identified a bug in these forms that allowed them to discover an account's phone number country code and whether the account had been locked.

The second issue isn't such a big deal. The first bug, however, can allow an attacker to determine a user's country of origin, mapping accounts to specific geographical zones.

"While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors," Twitter said today.

After discovering the attacks and the support form bug, Twitter said engineers fixed the vulnerability by the next day, November 16.

The company said that since detecting the attack, it's been working to investigate which accounts have been impacted. Twitter is now notifying the users who it believes have been impacted by the attacks.

"We are providing this broader notice as it is possible that other account holders we cannot identify were potentially impacted," the company added.

The company didn't provide any other useful information about the attacks or who might be impacted, but it did say it also notified law enforcement.

This is the second user data leak the company announced this year. In September, Twitter revealed that an API bug might have shared users' private messages with some app developers.
