Twitter has announced another data leak on its platform, which the company is investigating as a suspected state-sponsored attack. According to a notice on its support page, Twitter discovered the attack on November 15, when it found a large number of inquiries coming from individual IP addresses located in China and Saudi Arabia.
All of the requests targeted Twitter’s support form, which users normally use to report issues to Twitter’s staff.
A bug identified in this form permitted the attackers to discover the country code of an account’s phone number and whether the account had been locked. This bug can allow an attacker to determine a user’s country of origin, mapping accounts to specific geographical zones.
Twitter claims that although it cannot confirm intent or attribution for certain, some of these IP addresses may have ties to state-sponsored actors.
Twitter’s engineers fixed the vulnerability the day after discovering the attacks and the bug in the support form.
Since detecting the attack, the company has been working to find which accounts have been impacted. All users who are believed to have been affected are notified by Twitter.
The company has not provided any other information regarding the attacks, but it said that it has notified law enforcement.
This is the second user data leak Twitter has announced this year. Earlier in September, Twitter disclosed that an API bug might have shared users’ private messages with some app developers.