Twitter Data Breach From Former Gartner Cybersecurity Analyst

Following the news that Twitter suffered a data breach that saw 5.4 million users’ details leaked online please find a comment below from Cyber security experts.

The comment covers how the attack opens the door to high-profile attacks on famous users, with the likely outcome of crypto scam efforts, and the further threats that can now be enabled, from MFA spoofing and attacks on other accounts such as icloud or gmail.

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Ian McShane
Ian McShane , Field CTO
InfoSec Expert
July 27, 2022 11:37 am

“The linking of a private email address and phone number associated with a Twitter account has the potential to add an extra dimension to this data breach.

“From what we know so far, it seems likely that an additional attack could be or could already have been launched on high profile users with MFA enabled. We’ve seen what can happen when accounts are compromised on Twitter – usually some kind of cryptocurrency scam efforts – and while there’s been no evidence of such an attack recently, users should be vigilant for unexpected login attempts or unsolicited messages and calls.

“Outside of Twitter, there’s the potential for attackers using the phone number to spoof MFA requests from other services (such as those linked to an @icloud or @gmail account)

“Also, while bug bounties are great for finding vulnerabilities, it is still down to the company to ensure they have sufficiently closed the gap as well as the ability to hunt through historic activity to find evidence of exploration, otherwise they risk being publicly embarrassed just like Twitter over the last few days. Whatever the case, this incident is not a good look for Twitter after a tumultuous few months.”

Last edited 3 months ago by Ian McShane
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x