A flaw in Twitter allowed attackers to access locked accounts bypassing the locking mechanism implemented by the IT giant. The security expert Karan Saini devised a method to bypass the Twitter account locking mechanism by adding the targeted account to a mobile device. The flaw was reported to Twitter on October 7 and it was patched a few days later. Twitter launched a bounty program in 2014, it is run on the HackerOne platform and bug hunters could earn up to $15,000 for most severe issues.”]
Source: https://securityaffairs.co/wordpress/56923/hacking/twitter-locked-accounts-bypass.html