Twitter has revealed that it discovered attempts by possible state-backed actors to access the phone numbers of some of its users after a security researcher unearthed a flaw in a feature that allows users to upload their contacts.
In a statement published on its privacy blog late Monday, the social media company said it had identified a high volume of requests to use the feature coming from IP addresses in Iran, Israel and Malaysia.
It added that some of the IP addresses may have ties to 'state-sponsored actors.'
A company spokeswoman declined to say how many users' phone numbers had been exposed.
She said Twitter suspected a possible connection to state-backed actors because the attackers in Iran appeared to have had unrestricted access to Twitter, even though the social network is banned in the country.
The feature allows users to connect with people already in their phone contact list.
Twitter said in its statement that it has changed the feature so it no longer reveals specific account names in response to requests.
It has also suspended any accounts believed to have been abusing the tool.