A Hacker Has Claimed That He Has Obtained The Data Of 400 Million Twitter Users including Sundar Pichai And Actor Salman Khan: 2022 has been an active year for Twitter. Even while not everything at the Elon Musk-led company is doing smoothly, more problems are on the way.
According to one of the most recent claims, a hacker may have acquired the personal information of close to 40 crore individuals, including those of Salman Khan and Sundar Pichai, the CEO of Google. According to reports, the dark web is used to sell all personal information.
According to a report by the Israeli cyber intelligence firm Hudson Rock, Twitter user data that is put up for sale on the dark web includes personal information like email addresses, names, usernames, followers, and occasionally even phone numbers.
Detect Data ⚠
"Threat Actor": "#Ryushi",
"Content": "#Twitter 40Million Users – Celebrities – Account No – Addresses – Email IDs – Passwords – Phone No#Database – #Leaked!",
"Type": "#Dataleak"#infosec #Hacked #CyberSecurity #DataBreach pic.twitter.com/n7yUITwi6r
— Syed Najmul huda ₿.🍁| Elliot Alderson Stan Acc. (@iamsta_) December 26, 2022
Although millions of Twitter users’ data had been obtained by hackers before, this incident is undoubtedly the largest ever. Remember that over 5.4 million Twitter users’ data were exposed a few months ago? A new data leak probe has been announced by the Irish Data Protection Commission (DPC).
Biggest Twitter leak
Regarding the most recent disclosure, an example of the data was shared on a hacker forum by an unidentified hacker. The sample data demonstrated the type of information offered for sale on the dark web. It also said that a few high-profile accounts had also been hacked as a result of the leak. Several of the prominent account holders include —
– Alexandria Ocasio-Cortez
– CBS Media
– Donald Trump Jr.
– Doja Cat
– Charlie Puth
– Sundar Pichai
– Salman Khan
– NASA’s JWST account
– Ministry of Information and Broadcasting, India
– Shawn Mendes
– Social Media of WHO
According to Hudson Rock, an API flaw may have allowed the hacker access to the private information of millions of Twitter users. The weakness might have given the hacker access to private information including email addresses and phone numbers belonging to millions of Twitter users. Screenshots of the hacker’s post on the dark web were posted by Hudson Rock.
The hacker posted the following there: “If Twitter or Elon Musk is reading this, they already run the possibility of being fined under the GDPR for a breach that resulted in 5.4 million users’ data being exposed.
Buy this data only if you want to avoid having to pay the $276 million USD in GDPR breach fines that Facebook had to pay (as a result of 533 million users being scraped).”
Additionally, the hacker stated that he is willing to “negotiate” with a middleman. “I’ll then delete this topic and promise never to sell this data again.
Furthermore, data won’t be sold to third parties, preventing a lot of politicians and celebrities from Phishing, Crypto frauds, Sim swapping, Doxxing, and other activities that will annoy your users. Imagine well-known content creators and influencers getting hacked on Twitter; this will undoubtedly cause them to leave the platform and ruin your dream of a Twitter video-sharing platform for content creators.
A hacker has claimed that he has obtained the data of 400 million Twitter users. The cybercriminal offered Elon Musk to buy the user database for $276 million before someone else buys it.https://t.co/Q7UVuFeGjp
— NEXTA (@nexta_tv) December 26, 2022
Additionally, since you made the mistake of changing Twitter policy, which resulted in a huge backlash, “As the screenshot published by Hudson Rock demonstrates, the hacker said.
“The data is increasingly more likely to be valid and was probably obtained from an API vulnerability enabling the threat actor to query any email/phone and retrieve a Twitter profile,” wrote Alon Gal, co-Founder, and CTO of Hudson Rock, in a LinkedIn post. “This is extremely similar to the Facebook 533m database that I first reported about in 2021 and resulted in a $275,000,000 fine to Meta.”
As of right now, neither Elon Musk nor Twitter has acknowledged the data leak. Currently under investigation by the Irish Data Protection Commission (DPC) is a previous data breach that allegedly exposed over 5 million Twitter accounts.