Twitter announced a security exposure from last year in which alleged state-sponsored actors used a Twitter feature to link identifiers to online accounts. The actors matched phone numbers to twitter usernames, a clear breach of anonymity when abused although the feature was designed to enhance the viral nature of the platform.
Twitter found the exposure in December when a large network of fake accounts were found utilizing the particular API. On Tuesday, Twitter disclosed the breach, stating that the high volumes of requests were coming from IP addresses in Iran, Israel, and Malaysia. Some of these IP addresses had links to suspected state-sponsored bad actors.
Read More: Twitter Confirms ‘Nation-State’ Attack: User Identities Breached