Data privacy has been a burning issue throughout 2018 and from the looks of it, we aren’t done with it yet. Earlier this week, Twitter reported an error in its systems in which information of selected users might be leaked via the platform’s support forums.
As explained by Twitter:
“We have become aware of an issue related to one of our support forms, which is used by account holders to contact Twitter about issues with their account. This could be used to discover the country code of people’s phone numbers if they had one associated with their Twitter account, as well as whether or not their account had been blocked by Twitter.”
As per initial reports, the issue pertains to the use of a specific support forum. The scope of the damage caused by the leak seems to be small, but Twitter hasn’t revealed the number of accounts impacted by the issue. Twitter has reported that no complete contact numbers or personal data was leaked and the Data Protection Commissioner of the European Union has been informed.
Although it may seem like an issue small in scale compared to the incidents we have witnessed this year, it is significant in its own right. Twitter has been trying to maintain full transparency and avoid any backlash this incident may potentially cause. Twitter further stated:
“Since we became aware of the issue, we have been investigating the origins and background in order to provide you with as much information as possible. During our investigation, we noticed some unusual activity involving the affected customer support form API. Specifically, we observed a large number of inquiries coming from individual IP addresses located in China and Saudi Arabia. While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors. We continue to err on the side of full transparency in this area and have updated law enforcement on our findings.”
This statement points to a significant concern of potential access. The incident seems to carry more importance than we were initially led to believe.
Speaking of further ramifications, TechCrunch noted that this incident may impact whistleblowers and dissidents. Government organizations can use this information to find these critics and informants, especially if the government is an autocratic one leaving no stone unturned to silence the dissenting voices. It is in circumstances like these that the importance of protecting the privacy of the users become more important than usual.
It is still early days in the investigation, Twitter may reveal the extent of the damage of this breach of privacy. Regardless, it is another hit for data privacy as the year winds down to a close.