Twitter has been hit with a minor data breach incident that the social networking site believes linked to a suspected state-sponsored attack.
In a blog post published on Monday, Twitter revealed that while investigating a vulnerability affecting one of its support forms, the company discovered evidence of the bug being misused to access and steal users’ exposed information.
The impacted support form in question was used by account holders to contact Twitter about issues with their account.
Discovered in mid-November, the support form API bug exposed considerably less personal information, including the country code of users’ phone numbers associated with their Twitter account, and “whether or not their account had been locked.”
So far the company has declined to provide more details about the incident or an estimate for the number of accounts potentially impacted but says it believes that the attack may have ties to state-sponsored actors.
images from Hacker News