Twitter Data Leak Exposes Business Clients
Leo Daniels • June 26, 2020
This is a subtitle for your new post
Twitter has contacted its business clients to warn them of a potential breach of their data.
It said that email addresses, phone numbers and the last four digits of card numbers may have been accessed by others, thanks to a technology snafu which exposed the information.
It meant that billing information viewed on ads.twitter.com or analytics.twitter.com may have been exposed in the browser’s cache.
The social network first became aware of the incident on May 20 and said it took immediate action to remediate and notify any affected customers.
The snafu is not thought to have affected consumer users of the service, according to the BBC.
This isn’t the first time something like this has happened on the social platform.
Around a month before this incident, Twitter warned users that non-public information may have been stored in their Firefox browser’s cache.
“This means that if you accessed Twitter from a shared or public computer via Mozilla Firefox and took actions like downloading your Twitter data archive or sending or receiving media via Direct Message, this information may have been stored in the browser’s cache even after you logged out of Twitter,” it said at the time.
Although it’s unclear how many businesses were affected by the May breach, experts generally agreed that incidents of this kind are likely to have a limited impact on customers’ data security and privacy.
“The vector here requires physical access to the device, so it may not be as exploitable as an alert like this might indicate,” explained Edgescan
product architect, David Kennefick.
“What Twitter has done is update its headers to include no-store and no-cache, which disables storing data from a website locally.”
Tripwire senior security researcher, Craig Young, added that the incident could still provide a “teachable moment” regarding shared computers.
“Whether you regularly rely on libraries or internet cafes for access or just need to print the occasional boarding pass from a hotel lobby, there can be a risk of exposing personal data,” he argued.
“Ideally, the best solution is to simply avoid using shared computers when entering or accessing personal data but this is not always an option. The next best solution is to bring your own web browser and take it with you when you go.”
We’re 1-fix, we can help you secure your business
At 1-fix, we take a realistic approach to technology – ensuring our client’s systems are best protected.
If you have any concerns, questions or simply want to explore how to better secure your business, please do get in touch with the team for a FREE demonstration, consultation to explore how exposed your business might be and identify actions to take.
Join Our Mailing List
All sign-ups are handled inline with our privacy policy and can unsubscribe at any time.
Recent Blogs
Avoid the risks of using Office 365 Home at work. Learn why Office 365 for business is the right choice for security, scalability, and compliance.
Discover the key benefits of outsourced IT support, from enhanced cybersecurity and 24/7 monitoring to cost savings and regulatory compliance.
Stay cyber secure while travelling with 10 expert tips. Use VPNs, avoid public Wi-Fi, and protect your data on the go.
In a world where AI is changing how we work and compete, security is more important than ever. We are gathering industry leaders and AI experts for a special roundtable event. This event will focus on a key topic: AI security.
Microsoft 365 Business Basic offers a range of cloud-based services designed to empower businesses to work smarter and more efficiently. Let's delve into what this package includes and how it can benefit your organisation.
We’re excited to announce an informative webinar featuring Elliot Wilkie from Brigantia and Craig Atkins from 1-Fix, diving deep into the world of DMARC on 8th July at 2 PM . This is an essential session for anyone looking to secure their email communications, understand DMARC compliance, and enhance their email deliverability.
