According to some reports, 400 million Twitter users’ private emails and connected phone numbers were among the data that was put up for sale on the black market.
A “credible danger” involving someone purportedly selling a private database of contact information for 400 million Twitter user accounts was identified by cybercrime intelligence firm Hudson Rock on December 24.
“The private database contains a devastating amount of information, including emails and phone numbers from high-profile users like AOC, Kevin O’Leary, Vitalik Buterin, and more,” Hudson Rock explained before adding:
“In the post, the threat actor claims the data was obtained in early 2022 due to a vulnerability in Twitter and attempted to blackmail Elon Musk to buy the data or face GDPR lawsuits.”
Given the number of accounts, Hudson Rock stated that while it was unable to completely verify the hacker’s claims, “independent verification of the material itself seems credible.”
DeFiYield, a Web3 security company, examined 1,000 of the hacker’s sample accounts and determined the information is “genuine.” It has also gotten in touch with the hacker via Telegram and discovered that they are both active and looking for a buyer.
If the hack is confirmed to be real, it may be quite concerning for crypto-Twitter users, especially those using a pseudonym.
However, several users have emphasized that such a massive breach is difficult to imagine, given that there are reportedly about 450 million monthly active users at present.
At the time of writing, the suspected hacker still has an open post promoting the database to buyers. The post also specifically demands that Elon Musk pay $276 million to prevent the data from being sold and to cover a GDPR charge.
The hacker promises to destroy the data and not sell it to anyone else if Musk pays the ransom “to save a lot of celebrities and politicians from phishing, crypto scams, sim swapping, doxxing and other things.”
The data breach in question is said to have been caused by the “zero-day attack” on Twitter, which involved the exploitation of an application programming interface flaw from June 2021 that was fixed in January of this year. By effectively scraping private data, hackers were able to create databases that they then sold on the dark web.
According to a Nov. 27 report by Bleeping Computer, two other databases have reportedly been discovered in addition to this purported one: one containing around 5.5 million individuals and another purportedly holding up to 17 million people.
When such information is published online, the risks include targeted phishing efforts through SMS and email, SIM-swap attacks to get access to accounts, and doxxing of private information.