An API (Application Programming Interface) feature in Twitter helped intruders gain access to the mobile numbers of over 17 million exposed Twitter users.
The incident was publicly announced by Twitter officials. They believe that a security researcher abused the API feature of Twitter. The possibility of exploiting this feature had been discussed in December 2019.
Balic, an expert security researcher, had identified this latent threat, but no considerable effort was made at that time to handle the issue. This leaves Twitter in a difficult position to answer for the pairing ability of this security flaw.
The API is able to pair a large number of mobile numbers with their respective Twitter accounts, which goes beyond its intended purpose.
We recently discovered an issue that allowed bad actors to match a specific phone number with the corresponding accounts on Twitter. We quickly corrected this issue and are sorry this happened. You can learn more about our investigation here: https://t.co/Z6Q4geQ8jo
— Twitter Support (@TwitterSupport) February 3, 2020
Users from Israel and some Arab countries were majorly affected by this incident. It is expected that the exploiters might belong to the same regions. It was observed that all accounts that had not been linked to a mobile number remained safe in the incident.
Following the incident, Twitter has made some major moves to bring the giant professional social media site to a higher level of security.
In the first place, they have removed all the fake accounts from their site. The API feature was modified immediately after the incident, which will surely halt abuse of this feature in the future.
Many users around the world have expressed disappointment over Twitter's security flaw. This is surely a hard situation for Twitter, and it will take some time for things to get better.
Twitter officials have assured users that the incident has been identified and the required actions have already been taken.