Twitter hack: Browser Cache Bug exposed emails, phone numbers, last four digits of credit cards, and billing address of thousands of Twitter Business users
The world’s biggest microblogging website, Twitter suffered a data breach due to a browser cache bug. The bug could have exposed data of thousands of users who advertise on Twitter. Twitter has acknowledged the data breach but has not divulged how many Twitter Business users may have been affected.
Twitter says that a bug in how the data was stored in browser cache could have exposed PII details of business customers who use Twitter Ads and Analytics Manager. The bug is said to have exposed email addresses, phone numbers, last four digits of credit cards, and billing address of Twitter’s business customers.
Twitter has apologized for the data breach. In an email to affected users, the firm said: “We’re very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day.”
Twitter security team noticed the bug on 20th May 2020. However, the data breach notification came today, exactly a month and three days later. Twitter has not given a date of fixing the bug or the reason for keeping users in the dark as to how long their information was exposed via this browser cache bug. It is also not known whether cybercriminals exploited this particular bug to hack into the Twitter database or plant malware.
Twitter says that there is no evidence as of now that clients’ billing information was compromised. But it is worthwhile to remember that normally such data from breaches appears on dark web market places and hacker forums 3 to 6 months later.