Twitter Suspends Fake Accounts for Exploiting API Vulnerability
2020-02-04 14:11

Twitter on Monday announced that it has suspended a large number of fake accounts that had exploited an API vulnerability to match usernames to phone numbers.

The fake accounts were exploiting a feature meant to help users with newly created accounts find people they might already know on the online platform.

Users who had not enabled the option to let others find them on Twitter via their phone number, or who did not have a phone number associated with their Twitter account, were not exposed to this attack.

In a blog post on Monday, Twitter said the network of fake accounts exploiting its feature was spread across a wide range of countries.

On December 24, TechCrunch ran a story revealing how security researcher Ibrahim Balic was able to exploit a vulnerability in Twitter for Android and match 17 million phone numbers to usernames.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/jZKXlScgSR0/twitter-suspends-fake-accounts-exploiting-api-vulnerability

Related vendor

LAST 12M
VENDOR | #/PRODUCTS | LOW | MEDIUM | HIGH | CRITICAL | TOTAL VULNS
Twitter | 5 | 0 | 6 | 2 | 0 | 8