We have always believed and of course we continue to believe that the dual authentication system is safer for the security of our data and also for the protection of our online accounts.
After what has happened we realize that two-factor authentication is not as good a thing as we thought. It will jeopardize our privacy and our ability to choose freely on the Internet.
This article will also interest you: The CEO of Twitter and his hacked account. What is the substance of the story?
Recently it was communicated by TechRadar precisely on October 9, 2019 that the social network Twitter had authorized access to advertisers to use phone numbers of its users. In addition to a telephone number, it could be that the social network also allowed these same advertisers to recover the registered email addresses.
As if to apologize or defend itself, Twitter claimed that this was due to a "recently discovered" security flaw, which concerned its method of protecting the personal data of users who activated dual authentication. As we know, this last process doubles its security of access by sending code to the address by the user. This second code comes after the use of the first passcode. This of course makes it difficult to hack accounts from a foreign terminal.
It is known that this feature has existed since 2017 on Twitter, and apparently everyone who has provided their phone number to take advantage of this protection will be affected by this likely security flaw. And we know that the social network also often uses this identification process to ensure that the account is not managed by a robot. Clearly it was a method that benefits both sides. So far, of course. Unfortunately, "This data may have been inadvertently used for advertising purposes," the social network finally acknowledged in a statement. Apparently, this flaw was used to create several advertising programs for Twitter's partners and also to set up new targeted audiences.
Security flaw or deliberate action?
For many observers, the social network would have voluntary procured to its advertisers a list not to say lists containing marketing data essentially from phone number and email address. « We're really sorry that it happened, and we're taking measures to ensure that such an error is not repeated (…) we we do not know exactly how many people are affected (…) In an effort to be transparent, we want everyone to know ».
Twitter nevertheless wanted to confirm that no users' personal data has only been shared to third parties. That any use that has been made with personal information that has leaked, has only been used for activities organized on its platform.
However, this is a real violation of users' privacy. This kind of misdirecting is not an isolated fact. This is becoming practically a habit among the digital giants. One wonders what punishment Twitter will be sentenced to because such levity should not go unpunished.
Now access an unlimited number of passwords: