TechCrunch
Twitter
API
EU
Balic’s
Ibrahim Balic
Android
No matching tags
No matching tags
No matching tags
Iran
Israel
Malaysia
No matching tags
But for the rest of the world it’s opt-out — so if you had a phone number associated with your account, you may have been affected.Furthermore, the phone numbers include those provided for purposes of two-factor authentication, so those outside the EU may have been vulnerable to this exploit without realizing it.Twitter admits it used two-factor phone numbers and emails for serving targeted adsIt seems that after Twitter was alerted to the issue and shut down the original network (presumably Balic’s), its investigators identified many more accounts that were exploiting this flaw, though a representative declined to provide a number or estimate.“We observed a particularly high volume of requests coming from individual IP addresses located within Iran, Israel, and Malaysia,” wrote the company in a security bulletin.
As said here by Devin Coldewey