A threat actor is claiming they have obtained data of 400,000,000 Twitter users and is offering it for sale.
A threat actor claims they have obtained data of 400,000,000 Twitter users and is attempting to sell it.
The seller claims the database is private, he provided a sample of 1,000 accounts as proof of claims which included the private information of prominent users such as Donald Trump JR, Brian Krebs, and many more.
The seller, a member of data breach forums named Ryushi, claims the data was scraped via a vulnerability, it includes emails and phone numbers of celebrities, politicians, companies, normal users, and a lot of OG and special usernames.
The seller is also inviting Twitter and Elon Musk to buy the data to avoid GDPR lawsuits.
“Twitter or Elon Musk if you are reading this you are already risking a GDPR fine over 5.4m breach imaging the fine of 400m users breach source. Your best option to avoid paying $276 million USD in GDPR breach fines like facebook did (due to 533m users being scraped) is to buy this data exclusively.” reads the advertising.
The seller also announced that the sale is covered by the escrow service offered by the Breached forum administrators (pompompurin).
At this time is it not possible to verify the claims of the seller.
Ireland’s Data Protection Commission on Friday opened a probe into Twitter over an August data breach that has reportedly impacted 5.4 million Twitter users.
“The data is increasingly more likely to be valid and was probably obtained from an API vulnerability enabling the threat actor to query any email / phone and retrieve a Twitter profile (https://lnkd.in/dMsWwiJa), this is extremely similar to the Facebook 533m database that I originally reported about in 2021 and resulted in a $275,000,000 fine to Meta.” explained Alon Gal, co-Founder of threat intelligence firm Hudson Rock.
The Irish Data Protection Commission on Friday announced an investigation into a August incident that saw the contact records of 5.4 million Twitter users dumped on the same forum favored by Ryushi
[출처 : SecurityAffairs / 12.25.]