Twitter tumbles on concerns about hacking activity
Twitter shares fell almost 7% after the company said it was investigating unusual traffic that might be from state-sponsored hackers and, in what appeared to be an unrelated issue; a security firm said hackers used the platform to try to steal user data.
In a blog, Twitter said that it discovered suspicious traffic to a customer-support forum while investigating a security bug that exposed data, including users' phone country codes and details on locked accounts. It said the bug was fixed 16 November.
Twitter observed a large amount of traffic to the customer support site coming from individual Internet IP addresses in China and Saudi Arabia.
"While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors," the blog said.
"We continue to err on the side of full transparency in this area and have updated law enforcement on our findings," it said.
A company spokesman declined to elaborate as Twitter shares posted their biggest drop in more than two months.
Wedbush analyst Michael Pachter blamed the decline on concerns that news of a breach could hurt growth and user engagement.
"Clearly, a breach like this impairs user trust in the platform," he said.
Separately, security software maker Trend Micro said in a blog earlier on Monday that attackers sent out two tweets in October in a bid to steal data from previously infected machines.
The hackers hid instructions in tweeted memes that secretly ordered infected devices to send information, including user names, screen images and other content, Trend Micro said.
The Twitter spokesman declined comment on the Trend Micro report.
Twitter resolves issue that could have exposed user country code
Meanwhile, Twitter said on Monday it has resolved an issue with one of its complaint forms that could have revealed country code of phone numbers linked to account holders.
The issue, which was fixed on 16 November, did not expose full phone numbers or any other personal information of users, the company said.
Twitter said it received a large number of enquiries from individual IP addresses located in China and Saudi Arabia.
"While we cannot confirm intent or attribution for certain, it is possible that some of these IP addresses may have ties to state-sponsored actors," the company said.
Twitter declined to give any additional information on the issue.