Threat Actor Claims 400 Million Twitter Users' Data for Sale


Swirling in the turbulent blue vortex of check marks and near-daily tumult that is Elon Musk’s Twitter, another new and troubling story broke earlier this week. According to a massive discovery made by cybercrime intelligence agency Hudson Rock, the user data from more than 400 million Twitter accounts in December 2021 has been exposed, with said data now up for sale on the dark web.

The “credible threat actor” behind this worrying breach shared a sample of the stolen data to demonstrate its authenticity. Accounts’ usernames as well as real names, emails addresses, phone numbers and more were allegedly pulled, including data from high-profile users like government officials and agencies (e.g. Alexandria Ocasio-Cortez, NASA’s James Webb Space Telescope account, and the WHO) on top of musical celebrities, accounts of foreign authorities, the NBA and others.

According to Dataconomy, Hudson Rock suspects that the hacked information was accessed through an API vulnerability. This flaw, while purportedly fixed in January of this year, was evidently still accessed and abused.

On a hacker forum, the threat actor claimed this is a “sensitive time” before (in what seemed like a direct retort to Musk) said “… just run a poll like usual and people will choose their fate” (as Musk has often done in the past, regarding polling about politics, charged social discourse, and even the status of a new Twitter CEO if he were to step down).

It appears the hacker’s goal is to sell 2021 data back to Musk and Twitter as a whole; for them to buy the data exclusively in order to avoid paying larger GDPR breach fines.

Not only are many now-public identities under the microscope, but banking information and addresses can also often be found via access to phone numbers. (And with more exposed account info, potential phishing attempts and dangerous crypto scams can be enacted more easily, too.)

Right now, tips for lower-profile users include enabling 2FA (via an app, as opposed to a phone number) along with securely-stored passwords, and the use of private, self-hosted crypto wallets for any to which this applies.

This story will be monitored as it develops, with the hopes that Twitter is able to rectify the situation without seeing more data fall in harm’s way.

Edited by Erik Linask
Related Articles

What Is Network Penetration Testing?

By: Contributing Writer    2/7/2023

Network penetration testing is a simulated cyber attack against a computer network to assess the security of the network and identify vulnerabilities.…

Read More

NASA and IBM Gain Better Climate Change Insight with AI

By: Greg Tavarez    2/7/2023

IBM and NASA's Marshall Space Flight Center plan to develop several new technologies to extract insights from Earth observations.

Read More

How to Future Proof Cybersecurity Postures in the Modern Enterprise

By: Contributing Writer    2/6/2023

Companies today are facing cyber threats that are constantly increasing in volume, severity and sophistication. Recently, Mailchimp, Riot Games and La…

Read More

Giving Commercial Building Managers the Edge, Veea and WYND Introduce Connected Indoor Air Quality Solution

By: Reece Loftus    2/3/2023

The partnership between WYND and Veea enables the modern, smart building to automate air operations and enable healthier spaces while saving energy at…

Read More

Making More of Kubernetes in Your Organization

By: Contributing Writer    2/1/2023

Kubernetes is an open-source container orchestration system for automating the deployment, scaling, and management of containerized applications. It w…

Read More