Do not upload your contacts to Twitter. If you do, or if you already have on Android, your phone number may be one of the 17 million exposed through the app by a bug first reported by TechCrunch.

Security researcher Ibrahim Balic, based in London, told the site that he could match records in seven different countries, including that of a senior Israeli politician and those of several other high-profile users. He did this after discovering that when someone uploads their contacts, the app would "retrieve user data," he told TechCrunch. It was then possible to match the phone numbers uploaded in the app against Twitter's records and retrieve the account usernames.

Twitter had previously reported a security flaw in its Android app on December 20 that, according to a statement at the time, could "allow a bad actor to see non-public account information or to manage your account (e.g., Send Tweets or Direct Messages)."

But the flaw Twitter reported appeared to depend on inserting malicious code. No malicious code is involved in the new bug reported by Balic. It simply requires knowing someone's phone number, which is enough on its own to retrieve their Twitter persona.

This is the latest in a series of bugs or hacking attacks that have plagued Twitter and other social networks, including Facebook. In November, both companies said that "hundreds of users" had had their data compiled via defective Android apps. E-mails, usernames and recent tweets were all exposed. Both in this recent case and in November, Twitter said that it had no evidence that anyone's account had actually been hacked or exploited, although it admitted that two bad actors had been paying developers to use malicious software development kits.

Twitter has suffered a few huge leaks in recent years, including one in 2016 that uncovered the login data of 32.8 million users and another in 2018 in which Twitter encouraged 330 million users to change their passwords after the passwords were exposed on the company's internal network.

