2018 hasn’t been a great year for social media, with all the major platforms suffering a number of significant data breaches at various points in the year. Twitter alone has seen several, including the biggest one in May when the company urged all of its 330 million users to reset their passwords. This was after a glitch in the system that exposed all user passwords, displaying them in plain text.
In September of this year, another glitch exposed users’ direct messages to third-party app developers. Now, most recently, Twitter was hit with a new problem. One of their support forums (used by Twitter account holders to report problems) was breached, allowing the hackers to gain limited access to user information.
The official announcement from the company includes:
“…During our investigation, we noticed some unusual activity involving the affected customer support form API. Specifically, we observed a large number of inquiries coming from individual IP addresses located in China and Saudi Arabia. While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors.”
It’s this last bit that is the most disturbing. State-sponsored digital terrorism is a large and growing concern, with the recent accusations that Russia may have tried to influence US elections.
In this case, the company tried to assure its users that the data exposed was quite limited to the country code associated with each user, account status (locked or unlocked) and partial phone numbers.
The issue has been resolved, and Twitter has contacted the small number of impacted users directly, emphasizing that no action on their part is necessary. It does, however, underscore the point that the platforms we rely so heavily on are under constant threat. Even if you take great care to safeguard your data personally, that may not be enough.