Twitter hacker stole data on over 5 million users — don’t let this happen to you

A Twitter vulnerability has led to a hacker obtaining account data of 5.4 million users, and the stolen information, which is claimed to include email and phone numbers, is up for sale for at least $30,000.  

Spotted by cybersecurity outlet RestorePrivacy, the threat actor acquired the dataset through a vulnerability on Twitter’s Android client that allowed attackers to find the email and phone numbers associated with the accounts. As HackerOne reports, Twitter acknowledged this bug as a “valid security issue” back in January, awarding user zhirinovskiy with a $5,040 bounty for discovering it, and has since been patched.

However, the threat actor, known as “devil,” is said to have used this exploit to sell millions of users’ data, which is said to “range from Celebrities, to Companies, randoms, OGs, etc.” RestorePrivacy reached out to the seller, who claimed the database will be sold for at least $30,000. 

Post of Twitter Hacker selling data (via Restore Privacy) (Image credit: Restore Privacy)

Discovered on hacking forum Breached Forums, the hacker posted a sample of the data, which analysts downloaded for verification. “It includes people from around the world, with public profile information as well as the Twitter user’s email or phone number used with the account,” the report states. The samples also match real-world Twitter profiles. 

How you can prevent being hacked

Source link

We will be happy to hear your thoughts

Leave a reply

Enable registration in settings - general
Shopping cart