Hackers Sold Over 5 Million users

5.4 million users’ personal information has been stolen by hackers as a result of a vulnerability in Twitter’s database. A price of $30,000 is being asked for this data, and it is currently on a popular hacking forum for sale.

In a stolen data market, a threat actor referred to as ‘devil’ has claimed that the database contained information regarding a variety of accounts like:-

  • Celebrities
  • Companies
  • Random users
  • OGs

Here’s what the threat actor’s post on a hacking forum states:-

“Hello, today I present you data collected on multiple users who use Twitter via a vulnerability. (5485636 users to be exact).”

As a result of this incident, Restore Privacy was the first to report it. This data collection vulnerability was reported to Twitter through HackerOne on January 1st, and then the vulnerability was actually fixed on January 13th.

A report published by HackerOne explains specifically how the vulnerability could be exploited and how it could be simulated. 

Twitter has awarded user zhirinovskiy with a $5,040 bounty following further investigation into the issue, for his efforts to resolve the vulnerability.

It is pertinent to note that this security flaw is similar to the flaw detected in 2021 and used by threat actors to scrape 533 million Facebook account details.

Authenticity of Leaked Data

There hasn’t been any confirmation from Twitter as to whether a data breach has been discovered since the company has not yet confirmed the breach. 

However, it has been informed that Twitter is conducting an investigation into these claims in order to determine whether or not they are genuine.

RestorePrivacy’s security experts did the necessary verification and analysis on the sample database, they downloaded it for verification. 

It consists of people from all over the world, with public profiles and their emails or phone numbers that they use on their Twitter accounts, as well as their public profiles.

It is important to note that the majority of the data being sold is public information, which means that threat actors can use them in targeted attacks involving phishing emails and numbers.

Whenever you receive an email from Twitter, and especially if it asks you to enter your username and password, it is important that you stay vigilant.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.