Five months after it suffered a major breach, social media giant Twitter has reportedly been hacked again.
Hackers stole the email addresses of more than 200 million Twitter users and posted them on an online hacking forum, according to Alon Gal, co-founder of Israeli cybersecurity-monitoring firm Hudson Rock. The database contains 235,000,000 unique records of Twitter users and their email addresses and will unfortunately lead to a lot of hacking, targeted phishing, and doxxing, Gal wrote on LinkedIn.
Twitter has not commented on the report, which Gal first posted about on social media on Dec. 24, nor has it responded to inquiries about the breach since that date. It was not clear what action, if any, Twitter had taken to investigate or remediate the issue, according to a report by Reuters.
An apparently credible threat actor is claiming they have the data of 400,000,000 Twitter users and is attempting to sell the information. The database is private, according to them, and contains devastating amounts of information, including emails and phone numbers of high-profile users.
The threat actor provided a valid sample of 1,000 notable accounts and included the private information of AOC, Brian Krebs, Vitalik Buterin, Kevin O’Leary, Donald Trump Jr., and many more. They claim this data was obtained up to early 2022 due to an exploit in Twitter, and in their post they address Elon Musk directly, asking him to buy the data to avoid GDPR lawsuits.
Gal wrote that at this stage it is not possible to fully verify that there are indeed 400,000,000 users in the database, or that it came directly from Twitter.
The data is increasingly likely to be valid and was probably obtained from an API vulnerability enabling the threat actor to query any email or phone number and retrieve a Twitter profile (https://lnkd.in/dMsWwiJa).
This is not the first time that Twitter’s systems have been breached. In August, Twitter was reported to have had a service outage that affected both the app and web versions of the platform, with many users claiming that they were being logged out or were unable to load their home feed.
After Elon Musk acquired the troubled social media giant, Twitter had to resort to cost cuts in an effort to restructure the company.