Twitter’s massive security breach; Hackers sold the information of 400 million users
An API vulnerability in the social network Twitter has apparently allowed hackers to break in and extract the private information of more than 400 million users.
In one of the biggest security breaches in Twitter’s history, the information of 400 million users of the social network has apparently been put up for sale on the dark web. The news of this breach was published in a situation where the Irish Data Protection Commission (DPC) had announced a day before the start of an investigation into the latest data leak on this platform.
According to TheCyberExpress website, “Elon Gale”, co-founder of the cybersecurity company Hudson Rock, claimed that the information of 400 million Twitter users may have been extracted by an API vulnerability. This vulnerability has allowed hackers to harvest data such as email addresses and phone numbers of users.
Gale says that the hackers have, for example, the information of 1,000 well-known accounts, including “Alexandria Ocasio-Cortez“, the representative of the US Congress; “Vitalik Buterin“, the founder of Ethereum; “Donald Trump” and several others have shared. The co-founder of Hudson Rock has also claimed that he has checked a sample of information released by hackers and can confirm their authenticity.
The breach of Twitter can lead to a fine for this company
The person who posted this information claimed to have obtained it in early 2022. He has offered Elon Musk to buy the hacked data to avoid lawsuits against the company in Europe. This company is now facing prosecution due to the breach of its previous information.
Last time, hackers sold the information of more than 5.4 million Twitter users for $30,000. This information included ID, name, login name, location, email, and phone number. In the previous attack, hackers used the vulnerability of an API. This vulnerability allowed hackers to find the corresponding Twitter ID by entering an email address or phone number.
Based on the GDPR rules, the European Union investigates the security problems of social networks and fines these companies if necessary. Ireland’s DPC fined Twitter $450,000 two years ago for failing to report a security breach within 72 hours of becoming aware of it. Previously, Facebook was also heavily fined for leaking the information of its 533 million users. Elon Gall is the one who first identified the Facebook security breach in 2021