Twitter has done it again, and it only took it a couple of months to slip up once more. The social media giant suffered yet another data security incident, where personal business accounts of users who rely on Twitter Ads and Twitter Analytics were compromised.
Apparently, everything was stored in the browser cache, even after the users signed out of Twitter. The incident compromised sensitive information, including contact numbers, email addresses, and the last four digits of the users’ credit cards.
So far, around 75% of B2B businesses market their services and products through Twitter, which might show how effective this incident is. However, Twitter has not released anything about the number of affected accounts yet.
How Serious is It?
While the data is indeed compromised, there are no reports about it being harvested or collected by third parties or cybercriminals.
But the incident is serious and could cause devastating problems for the affected parties. No one knows where the leaked data would go. No one knows who could get a hold of this sensitive information.
The leaked data might be used in phishing schemes. Remember, these are business accounts that could easily be used to make convincing phone calls and send emails in an attempt to fool the unalert users into offering up even more information.
It can be worse actually. Business is all about money, which can also be a way to convince users to submit their credit card information.
If you’re a Twitter user, we highly suggest you clear your browser cache on shared computers or yours once you’re done Tweeting. It’s a good start to prevent your data from being stored even if you log out.
The hit on Twitter’s platform is quite big, especially since a lot of businesses use Twitter’s an advertising and analytics platforms.
The company stated that it discovered the issue back on May 20th, 2020. However, as of now, the problem has been fixed and Twitter sent the following email to the affected parties:
We are writing to let you know of a data security incident that may have involved your personal information on ads.twitter.com and analytics.twitter.com.
We became aware of an issue that meant that prior to May 20, 2020, if you viewed your billing information on ads.twitter.com or analytics.twitter.com the billing information may have been stored in the browser’s cache.
Examples of that information include email address, phone number, last four digits of your credit card number (not complete numbers, expiration dates or security codes), and billing address.
If you used a shared computer, it is possible that if someone used the computer after you they could have seen the information stored in the browser’s cache (most browsers generally store data in their cache by default for a short period of time like 30 days).
On May 20, 2020, we updated the instructions that Twitter sends to your browser’s cache to stop this from happening. While we have no evidence that your billing information was compromised, we want to make sure you’re aware of the issue and how to protect yourself going forward.
If you currently use a shared computer to access your Twitter Ads or Analytics billing information, we recommend clearing the browser cache when you log out. We’re very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day.
If you have additional questions, you can write to our Office of Data Protection here <zensiert>
Twitter International Company
One Cumberland Place, Fenian Street
Dublin 2, D02 AX07 IRELAND”
Protecting your private information is very important as the impact might be devastating. Cybercriminals will wait for the moment you slip up and harvest your data instantly.
Setting up strong passwords and two-factor authentication is a good way to lower the risks while using Twitter. That’s not all. There are a lot of ways you can secure your data, you just have to know where to get the information from.
There are security websites such as The VPN Guru and the likes that offer easy-to-read guides and walkthroughs in order to help internet users learn how to protect themselves while browsing the web.
Knowledge is everything. If you know how to secure your data, you’ll have the safest internet experience.