New Delhi: Amid the chaos and the claim by Twitter's hotline operator Elon Musk to improve and revolutionise the platform, about 5.4 million Twitter user records have been stolen via an internal defect and posted online on a hacker forum. In addition to the 5.4 million records for sale online, a further 1.4 million Twitter profiles were gathered via a different Twitter application programming interface (API). These accounts were purportedly shared privately among a small group of people.



According to Bleeping Computer, the vast amount of data includes scraped public data as well as private phone numbers and email addresses that are not intended for public use. The story was first broken on Twitter by security expert Chad Loder, who was quickly suspended from the service.


"I recently learned about a significant Twitter data breach that affected millions of US and EU Twitter accounts. I got in touch with a small number of the impacted accounts, and they confirmed that the stolen information is true. This hack did not happen until 2021," Loder posted on Twitter.


Using a patch for a Twitter API vulnerability, the data comprising private information was taken in January of this year. According to the report published on Sunday, this data was gathered in December 2021 via a Twitter API vulnerability that was made public through the HackerOne bug bounty programme.


The majority of the information was openly available, including Twitter IDs, names, login names, locations, and verified status. Private information like phone numbers and email addresses was also included. Twitter and Musk have not yet responded to the report.


The Breached hacker forum's owner, Pompompurin, told BleepingComputer that "they were responsible for exploiting the issue and making the large dump of Twitter user details after another threat actor identified as 'Devil' shared the vulnerability with them," according to the article.


The report claims that the same vulnerability was used to create an even bigger data dump than the 5.4 million records that hackers posted online. The report stated, "We were told that it contains over 17 million records, but we were unable to independently validate this." Data from 5.4 million Twitter users was leaked online, and it will only get worse.