Social networking site Twitter announced today another data leak that occurred on its platform, which the company said it is investigating as a suspected state-sponsored attack.
In a support page published earlier today, Twitter said that it detected the attack on November 15 when it "observed a large number of inquiries coming from individual IP addresses located in China and Saudi Arabia."
These requests targeted the company's support form, which users had been using to report issues to Twitter's staff.
Twitter said that attackers identified a bug in these forms that allowed them to discover an account's phone number country code and if the account had been locked.
The second issue isn't such a big deal, however, the first bug can allow an attacker to determine a user's country of origin, mapping accounts to specific geographical zones.
"While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors," Twitter said today.
After discovering the attacks and the support form bug, Twitter said engineers fixed the vulnerability by the next day, November 16.
The company said that since detecting the attack, it's been working to investigate which accounts have been impacted. Twitter is now notifying the users who it believes have been impacted by the attacks.
"We are providing this broader notice as it is possible that other account holders we cannot identify were potentially impacted," the company added.
Also: Nicolas Cage: 'I hate social media' CNET
The company didn't provide any other useful information about the attacks or who might be impacted, though, but it did say it also notified law enforcement.
This is the second user data leak the company announced this year. In September, Twitter revealed that an API bug might have shared users' private messages with some app developers.
Previous and related coverage:
Some Twitter users have complained about seeing "the best" tweets in a Facebook-style timeline and want to return to the old days when they were in chronological order. Twitter now offers that option, and plans to make it easier to switch between the two views..
Some simple changes to your Twitter account settings instantly removes most of the bots and trolls and anything else you don't want from your feed, which results in a much more pleasant experience.
Facebook is facing an uphill battle automating the detection of misinformation in photos and videos.Related stories:
More data breach coverage:
- Google+ hit by second API bug impacting 52.5 million users
- BeatStars discloses security breach in Twitter live stream
- Quora discloses mega breach impacting 100 million users
- Marriott reveals data breach affecting 500 million hotel guests
- Facebook bug exposed private photos of 6.8 million users
- Rhode Island sues Google after latest Google+ API leak
- Cathay Pacific breach leaks personal data on 9.4 million people CNET
- Why 31% of data breaches lead to employees getting fired TechRepublic