Basically Twitter got pwned big time, and now denies it because GDPR will ruin them if breach is proven.
Here is what Doubi's online followers figured:
State security got all phone numbers used for Twitter phone verification up to May 2019 and possibly till July.
Twitter haphazardly closed the breach in complete secrecy.
API hole explanation is excluded as people with 100% private accs got police visits.
People with foreign SIM cards also got into trouble. So the explanation that China compromised Twitter's SMS providers is also excluded, as its improbable that they did it in 4+ countries.
2016 breach is also out of question.
The only explanation is that they got hold on a big piece of their user DB, or, worse, they have an active infiltrator in Twitter, or Twitter voluntarily cooperated.
Here is what Doubi's online followers figured:
State security got all phone numbers used for Twitter phone verification up to May 2019 and possibly till July.
Twitter haphazardly closed the breach in complete secrecy.
API hole explanation is excluded as people with 100% private accs got police visits.
People with foreign SIM cards also got into trouble. So the explanation that China compromised Twitter's SMS providers is also excluded, as its improbable that they did it in 4+ countries.
2016 breach is also out of question.
The only explanation is that they got hold on a big piece of their user DB, or, worse, they have an active infiltrator in Twitter, or Twitter voluntarily cooperated.
https://mobile.twitter.com/robert_spalding/status/1134797195...
https://amp.ft.com/content/afd44222-5c34-11e9-9dde-7aedca0a0...
reply