Data from 5.4 million Twitter users in nature. Another breach in the security system of one of the technological giants.
A few months ago, Twitter confirmed that the personal data of as many as 5.4 million users had been stolen due to an API vulnerability, but the company said it had no “evidence”that it had been exploited. According to BleepingComputer, today all these accounts were found on a hacker forum.
Data from 5.4 million Twitter users in the wild
And on top of that, an additional 1.4 million Twitter profiles, or rather blocked accounts, were also allegedly published privately, and an even larger file may have been published containing the data of “tens of millions”of other users. the same vulnerability.
A forum manager nicknamed Breached told BleepingComputer that he was responsible for exploiting the vulnerability (originally obtained by another hacker under the pseudonym “Devil”) and spreading user data. He also explained that he received 1.4 million Twitter profiles for banned accounts obtained through a different API, but that data was only shared privately with a few individuals.
Another breach in the security system of one of the tech giants
On top of all this, security expert Chad Loder revealed that tens of millions of other Twitter data could have been collected using the same API. Again, the data collected may include private phone numbers as well as publicly available information. Chad Loder posted a censored sample on Mastodon as it was banned from Twitter a few days ago for unknown reasons. According to BleepingComputer, the file may contain over 17 million entries.
These flaws led to the leaking of phone numbers and email addresses that could be used for phishing and other attacks. This information can also be used to discover the identity of private Twitter accounts. As always, be careful with emails and other communications you may receive from Twitter. And if you haven’t enabled two-factor authentication yet, now is the time.