Twitter admits: - people exploited the number matching feature, probably also state-sponsored players
Share onThey had to ban a bunch of fake accounts.
They had to ban a bunch of fake accounts.
Twitter admits in a press release that they have come across cases where some people are utilizing a feature that could be used to match phone numbers with social media usernames.
- Not intended to be used in this way
The error was first pointed out by security researcher Ibrahim Balic in December 2019 without Twitter confirming it at that time.
Balic found that the Android application for Twitter had a vulnerability thahttps://cdn.discordapp.com/attachments/250027425327480834/674365826941583398/unknown.pngt gave him insights into over 17 million phone numbers that could be matched with associated accounts.
It should never have been Twitter's intention to be able to match accounts with phone numbers in this way, on such a large scale. To begin with, the platform erased a few hundred accounts that they suspected of engaging in these activities, including Balic's accounts.