【Glorious】

For dissidents around the globe,Glorious Twitter remains the tool of choice for speaking out against their repressive governments.

With that in mind, it's easy to see why today's announcement from the social media company is so troubling. Twitter, in a Monday blog post and corresponding statement, announced it had discovered that "bad actors" with possible state-sponsored connections had found a way to tie phone numbers to Twitter accounts en masse.

In other words, a hacker using this exploit could potentially reveal the identity of a person tweeting under a pseudonym who has their account tied to a phone number. Or, alternatively, it's worth remembering that determining the phone number connected to an account is often a crucial step in hacking it.

---

You May Also Like

---

---

"On December 24, 2019 we became aware that someone was using a large network of fake accounts to exploit our API and match usernames to phone numbers," reads the Twitter blog post. "While we identified accounts located in a wide range of countries engaging in these behaviors, we observed a particularly high volume of requests coming from individual IP addresses located within Iran, Israel, and Malaysia."

With Saudi Arabia's documented real-world harassment of dissidents, for example, it's easy to see how such exploits could lead to real-world harm.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

"It is possible that some of these IP addresses may have ties to state-sponsored actors," continued the blog post.

We've reached out to Twitter to determine how many users were affected and if the company planned to notify users whose phone numbers were tied to accounts in the manner described. We've received no immediate response at present.

Uncheck these. Credit: screenshot / twitter

Importantly, not everyone was vulnerable to this specific exploit. According to Twitter, the bad actors in question could only tie your account to a phone number ifyour account met two specific criteria.

SEE ALSO: Jeff Bezos tweets reminder that Saudi government murdered a journalist

First, you had to have added a phone number to your account. However, with many people doing that very thing to enable two-factor authentication, a lot of folks fall into that bucket. Secondly, and this should narrow things down a bit, you must have selected the "Let people who have your phone number find you on Twitter" option.

Now would be a good time to make sure you don'thave that setting enabled. It would also be a great time for Twitter to consider removing it altogether.

UPDATE: Feb. 3, 2020, 2:27 p.m. PST: A Twitter spokesperson responded to our request for comment with the following statement:

As explained in our Privacy Center blog, we recently became aware that someone was using a large network of fake accounts to exploit our API and match usernames to phone numbers. After our investigation, we immediately fixed the issue by making a number of changes to the specific API endpoint that was being exploited. We also suspended any account we believe to have been engaged in this behaviour. Protecting the privacy and safety of the people who use Twitter is a top priority and we remain focused on stopping any abuse of Twitter’s features as quickly as possible. 

Topics Cybersecurity Privacy X/Twitter

• Deals
• Entertainment
• Tech
• Science
• Games
• Social Good
• Digital Culture
• Shopping

• The best day to book your flight, according to Google
• J.K. Rowling has the perfect response to Trump trolls burning her books
• Bitcoin and Ethereum dive deep, is Bakkt to blame?
• 6 other times Tom Brady just wanted to talk about the game
• Creator job opportunities grew 7x in recent years [April 2025]
• Stress test indicates the iPhone 11 Pro is quite durable, but don't expect miracles
• Facebook will allow speech from politicians to break its 'community standards'
• Surprise! Facebook is reportedly still tops when it comes to disinformation.
• Netherlands vs. Spain 2025 livestream: Watch UEFA Nations League for free
• Amazon's record holiday season wasn't good enough for Wall Street

• LeBron James is also king of dancing like no one is watching
• Kid's festive Christmas drawing accidentally ends up very, very NSFW
• Slay your relatives with these 30 'Game of Thrones' gifts
• Adorable children's letters adorably fly to the edge of space and back
• Sorry internet, Sinbad never played a genie and 'Shazam' doesn't exist
• Snapchat's gift to you this Christmas: more filters and lenses
• How to shoot better photos of holiday lights with your iPhone
• Starbucks will give away some free drinks for the rest of 2016
• Doctor slays Boyz II Men cover so hard the musical legends had to comment
• Send off 2016 with HBO's 'Game of Thrones' marathon

• Best speaker deal: Save $30 on the JBL Clip 5
• TV's 8 best self
• 'The Last of Us 2' hands on demo: Ellie gets the story she deserves
• BTS stans: Here's how to add self
• Amazon Spring Sale 2025: Best LG OLED TV deal
• Twitter updates lists as it pushes users toward 'interests'
• ELLE's new video challenging gender stereotypes is going viral for all the right reasons
• Need a creepy robot dog? Boston Dynamics is now leasing Spot.
• Tesla sales are reportedly falling globally. How bad is it?
• Beyoncé was trying to tell us about the twins this whole time and we are fools

• Best Sonos deal: Save $50 on Sonos Era 100
• Smallest fox with the biggest ears is here to end your week on a cute note
• Daniel Radcliffe hasn't seen 'The Cursed Child' and probably won't
• Amazon's gadget overload is too much for anyone to soak in
• NYT mini crossword answers for May 9, 2025
• Oculus Quest to ditch controllers for hand
• 6 other times Tom Brady just wanted to talk about the game
• PepsiCo CEO Indra Nooyi reveals why she writes letters to parents of her senior executives
• NYT Strands hints, answers for April 23
• Elon Musk and electric vehicles will win the energy battle against Trump's favorite fuels