Twitter data leaked 400 million user details up for sale

Just prior to the Christmas season, criminals published an advertisement on a well-known hacker forum, saying they sold information of more than 400 million Twitter users.

The data comprises Twitter handles as well as email addresses, usernames and telephone numbers. The leakers claim to be willing to sell the data at a price of $50,000.

According to the article posted on hacker’s forum the scrape was a result of an unidentified vulnerability. Data leaks of this magnitude are usually due to flaws in systems that permit the collection of data at a large scale, a method called’scraping.’

The writer of the blog post posted two examples of supposed scraped information. One sample contains private information which is believed to belong to world-renowned athletes, politicians, international organisations, as well as US government agencies.

Threat actors who are selling the leak directly to twitter’s chief executive Elon Musk, who pointed out that his company is confronting repercussions from European authorities for the disclosure of personal data from 5.4m people in July.

On the 23rd of December in Ireland on the 23rd of December, Ireland’s Data Protection Commission launched a investigation into Twitter concerning the July data breach. A leak of data that affected 400 million Twitter users could ignite the blaze that is raging over Musk’s business’s practices for protecting data.

The writer of the article stated that Meta, the parent company of Facebook, was fined EUR265m ($277m) by Ireland’s regulator of data privacy over an incident that revealed thousands of million of users’ information.

“Just imagine famous content creators and influencers getting hacked on Twitter that will for sure make them ghost the platform and ruin your dream,” the threat actor that sold the data claimed.

Cybernews tried to contact Twitter but did not receive a prompt response. The article will be updated in the event that we learn more.

The Twitter scrape could be the second major leak within two months, if it is confirmed. On the 16th of November the threat actor shared an advertisement, offering 2022 databases of 487 million WhatsApp number of mobile users. A study of WhatsApp data by Cybernews is likely to prove that this is true.

The leak of emails and phone numbers could pose serious dangers for the owners of these numbers. Cybercriminals could leverage the information to launch fraud, impersonation, and also fraud.