Cyber Security News

Massive Twitter Breach – Over 5.4 Million users’ Data Leaked Online

It has been discovered recently that over 5.4 million personal records of Twitter users have been stolen by threat actors and publicly exposed on a hacker forum for free.

To accomplish this, the threat actors exploited an API vulnerability that was fixed in January. On the popular hacking forum Breached Forums, the threat actors offered the stolen data for sale to interested users.

Although the bug has since been fixed, an unknown number of malicious actors exploited it, which shows how widely the flaw was abused.

Data Leaked Online

The vulnerability was first reported by HackerOne in January of this year. Anyone could take advantage of this flaw by entering an email address or phone number to find the associated Twitter ID for further exploitation.
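A defender-side way to spot the lookup pattern described above in API logs, as an added example that is not from the article or from Twitter: it counts the distinct email/phone identifiers each client submits within a sliding time window. The log tuple layout, client keys and thresholds are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque


def build_sample_log():
    """Constructed events: (epoch_seconds, client_key, identifier_submitted)."""
    events = []
    # key-A: 40 distinct phone numbers, one per second (bulk lookup pattern)
    for n in range(40):
        events.append((1000 + n, "key-A", f"+1555000{n:04d}"))
    # key-B: ordinary use, the same two addresses looked up repeatedly
    for n in range(6):
        addr = ("a@example.com", "b@example.com")[n % 2]
        events.append((1000 + 50 * n, "key-B", addr))
    # key-C: 25 distinct addresses, one every 120 seconds (slow lookup pattern)
    for n in range(25):
        events.append((1000 + 120 * n, "key-C", f"user{n}@example.com"))
    return events


def flag_enumerators(events, window=60, max_distinct=20):
    """Return {client: peak distinct identifiers} for clients that submitted
    more than `max_distinct` distinct identifiers within `window` seconds."""
    recent = defaultdict(deque)  # client -> (timestamp, identifier) in window
    flagged = {}
    for ts, client, identifier in sorted(events):
        q = recent[client]
        q.append((ts, identifier))
        # Drop lookups that have aged out of the window.
        while q and q[0][0] <= ts - window:
            q.popleft()
        distinct = len({ident for _, ident in q})
        if distinct > max_distinct:
            flagged[client] = max(flagged.get(client, 0), distinct)
    return flagged


if __name__ == "__main__":
    log = build_sample_log()
    print("60 s window:", flag_enumerators(log))
    print("1 h window: ", flag_enumerators(log, window=3600))
```

The short window only catches the burst from key-A; the slower key-C pattern shows up once the window is widened, so a longer window or daily counter is worth running alongside it.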

The data set contains the following:

  • Twitter IDs
  • Names
  • Login names
  • Locations
  • Verified status
  • Private phone numbers
  • Email addresses
  • Other private information

An anonymous threat actor surfaced on a hacking forum last July, selling the stolen data of more than 5.4 million Twitter users for $30,000.

Post on Darkweb forums

These users are estimated to include:

  • Celebrities
  • Companies
  • Randoms
  • OGs

HackerOne’s bug bounty program disclosed a vulnerability in the Twitter API in December 2021, which was used to collect this data.

HackerOne’s disclosure has not been leaked yet, so it is unclear whether or not this was the case. However, Twitter’s private information was being accessed by multiple threat actors through the exploitation of this bug.

As a result of a bug in Twitter’s API that was patched in January 2022, Twitter experienced this massive data breach, and Twitter itself has confirmed this breach.

The owner of the Breached hacking forum, Pompompurin, stated:

“As a result of another threat actor dubbed ‘Devil’ sharing the vulnerability with us, we were obliged to exploit the vulnerability and dump a massive amount of Twitter user information.”

In addition to the 5.4 million records for sale, 1.4 million Twitter profiles of suspended users were collected using a different API. That brings the total to almost 7 million Twitter profiles containing private information.

However, this second dump was shared privately with only a few people, which implies that it was not for sale.

Data Shared for Free

Earlier this month, on November 24th, it was reported that the 5.4 million Twitter records had been made public on a hacking forum and were now available for free.

This dump includes a total of 5,485,635 Twitter user records, which were included in the dataset that was sold in August. The following information is contained in these records:

  • Email address
  • Phone number
  • Twitter IDs
  • Name
  • Screen name
  • Verified status
  • Location
  • URL
  • Description
  • Follower count
  • Account creation date
  • Friends count
  • Favorites count
  • Statuses count
  • Profile image URLs

There is a concern that the same threat actors might have exploited the same vulnerability to create an even larger data dump than this.

The new data dump could contain tens of millions of Twitter records, which is a potentially alarming situation.

Security expert Chad Loder first shared the news of this significant data breach on Twitter. However, the most astonishing thing is that he was suspended by the platform just after posting it.

Among the numerous files that make up this newly discovered data dump are files broken down by country and area code, including the following:

  • Europe
  • Israel
  • The USA

Users are advised to stay alert for phishing emails, since the stolen data could be abused by threat actors for targeted phishing attacks.

Guru Baran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
