Skip to main content

A Twitter bug could use your phone number to expose personal information

Don’t upload your contacts to Twitter. If you do, or if you already have on your Android device, your phone number could be one of 17 million exposed on the app, a bug first reported by TechCrunch.

Security researcher Ibrahim Balic, who is based in London, told the site he was able to match records in seven different countries, including one of a senior Israeli politician and several other high-profile users. He did this when he discovered that when one uploads one’s contacts, the app would “fetch user data in return,” he told TechCrunch. It was then possible to match the phone numbers uploaded into the app with the Twitter records and figure out account usernames.

Related Videos

Twitter had previously reported a security flaw in its Android app on December 20 that, it said in a statement at the time, “could allow a bad actor to see nonpublic account information or to control your account (i.e., send Tweets or Direct Messages).”

But the flaw that Twitter reported appeared to depend on the insertion of malicious code. This new flaw that Balic reported involves no malicious code; it simply involves knowing someone’s phone number and being able to figure out their Twitter persona from that information alone.

This is the latest in a serious of bugs or hacking attacks that has plagued Twitter and other social networks, including Facebook. In November, both apps said the date of “hundreds of users” was comprised through faulty Android apps. Emails, usernames, and recent tweets were all exposed. In both this recent case and the one in November, Twitter said at the time that it had no evidence that anyone’s account was actually hacked or exploited, although it did admit there were two bad actors involved who were paying developers to use malicious software development kits.

Twitter has suffered a few huge leaks in the past several years, including one in 2016 that exposed the login credentials of 32.8 million users, and another in 2018 wherein Twitter urged 330 million users to change their passwords after they were exposed on the company’s internal network.

Editors' Recommendations

Twitterrific shuts down after being blocked by Twitter
The Twitterrific bird.

The maker of Twitterrific, a third-party Twitter app for macOS and iOS that launched in 2007 and came to the iPhone before Twitter itself, has been left with no choice but to close it down.

In a message posted on its website on Thursday, The Iconfactory, Twitterrific's developer, said: "We are sorry to say that the app’s sudden and undignified demise is due to an unannounced and undocumented policy change by an increasingly capricious Twitter -- a Twitter that we no longer recognize as trustworthy nor want to work with any longer.”

Read more
Twitter finally confirms it’s behind outage of third-party Twitter apps
A stylized composite of the Twitter logo.

Twitter has finally confirmed what everyone pretty much already knew -- that it’s behind the outage of popular third-party Twitter clients such as Tweetbot and Twitterrific.

In a message posted on its Twitter Dev account for developers, the company said: “Twitter is enforcing its long-standing API rules. That may result in some apps not working.” But it declined to offer any details about what API rules the developers of the third-party apps have violated.

Read more
12 high-profile tech opportunities for those job hunting
A person using the ZipRecruiter mobile app on a smartphone.

This content was produced in partnership with ZipRecruiter.
Are you an aspiring or experienced tech professional looking to start the new year with a new job? Job search sites, such as ZipRecruiter, have all the tools you need to explore the most high-paying tech jobs currently available, whether you're seeking to enter or advance in the tech industry. From data scientists to software developers, these positions offer challenges and opportunities to work with up-and-coming and market-leading technology companies. Whether you're just starting out in your tech career or are an experienced professional looking to take the next step up the ladder, these high-profile tech opportunities are sure to pique your interest. If you're ready to dive in and explore the top tech opportunities, read on to see what's available.

 
Software Developer - Average Salary $110,000
As a software dev, you will be designing, developing, and maintaining applications for computer and mobile platforms. This can involve writing code in various programming languages, such as C++, Java, or Python, and using frameworks and libraries to build efficient and scalable software systems. You may also work with databases, version control systems, and collaboration tools to manage and track code changes. Some responsibilities of a software developer include collaborating with a team to design and ship new features, identifying and fixing bugs in existing software, maintaining and improving applications, designing and implementing software tests and debugging processes, and participating in code reviews to ensure quality and compliance with standards.

Read more