In July, cybercriminals began selling the data of more than 5.4 million Twitter users in a hacking forum after exploiting an API vulnerability disclosed in December 2021.
Recently, a hacker made this information freely available, while other researchers reported a breach affecting millions of Twitter accounts across the European Union and the United States.
According to a post from Twitter last August, the vulnerability enabled hackers to hand email addresses or phone numbers to the API in order to identify the respective account.
Although Twitter patched the vulnerability in January 2022, millions of users’ phone numbers and email addresses are still available online, which highlights how the impact of exposed APIs can be devastating to modern organizations.
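As an added illustration (not Twitter's code, and not part of the original article), here is a minimal model of the lookup described above: the vulnerable form answers anyone who supplies an email address or phone number, while the hardened form requires an authenticated caller, honours a per-user discoverability opt-in, meters lookups per caller, and returns the same response for "no such account" and "not discoverable". All account data, names and the budget value are constructed.

```python
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class Account:
    user_id: str
    handle: str
    email: str
    phone: str
    discoverable: bool  # user opted in to being found by email/phone


# Constructed sample directory; these are not real accounts.
DIRECTORY = [
    Account("1001", "alice", "alice@example.com", "+15550000001", True),
    Account("1002", "bob", "bob@example.com", "+15550000002", False),
]


def vulnerable_lookup(identifier: str) -> dict:
    """Unauthenticated and unmetered, and it ignores the opt-in flag, so any
    caller can confirm an email/phone belongs to an account and learn which."""
    for acct in DIRECTORY:
        if identifier in (acct.email, acct.phone):
            return {"found": True, "user_id": acct.user_id, "handle": acct.handle}
    return {"found": False}


class HardenedLookup:
    """Requires a caller token, meters lookups per caller, honours the opt-in
    flag, and answers 'no account' and 'not discoverable' identically."""

    def __init__(self, budget_per_window: int = 3) -> None:
        self.budget = budget_per_window
        self.used: Dict[str, int] = {}  # lookups per caller in this window

    def lookup(self, caller_token: Optional[str], identifier: str) -> dict:
        if caller_token is None:
            return {"error": "unauthenticated"}
        self.used[caller_token] = self.used.get(caller_token, 0) + 1
        if self.used[caller_token] > self.budget:
            # Per-caller metering turns bulk enumeration into a detectable
            # stream of rate-limit events rather than a quiet data export.
            return {"error": "rate_limited"}
        for acct in DIRECTORY:
            if acct.discoverable and identifier in (acct.email, acct.phone):
                return {"result": acct.handle}
        return {"result": None}  # same shape whether unknown or opted out
```

In the hardened form, a caller who does not already know that bob@example.com belongs to an account learns nothing from the lookup, and a caller who iterates over many identifiers exhausts the budget and shows up in rate-limit telemetry.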
The Twitter breach comes amid a wave of attacks targeting APIs, with Salt Security reporting that 95 percent of organizations experienced security issues with their APIs over the past 12 months, while 20 percent suffered a data breach as a result of API vulnerabilities.
This high rate of exploitation is consistent with market research firm Gartner’s forecast that API attacks will become the most common attack vector in 2022.
An unfortunate fact of API attacks is that vulnerabilities in these systems provide access to unprecedented amounts of data; in this case, 5.4 million or more Twitter users were affected.
This is a problem because when an attacker gains access to the API, they have direct access to the organization’s core databases and all the information within them.
The most significant threat arising from this breach is social engineering. Using the names and addresses they obtain, attackers can target users with phishing emails that try to trick them into handing over personal information and login credentials.
While these scams will target end users, organizations and security teams can provide timely updates to ensure that users know what threats they are likely to encounter and how to counter them. It is also a good idea for security teams to remind employees to activate two-factor authentication on their personal accounts to reduce the possibility of unauthorized logins.