Hackers exposed data of 209.5 million Twitter users
According to experts at the dark web leak detection and monitoring service DLBI, the data of 209.5 million Twitter users was exposed to the public.
The DLBI service indicated that the 12 GB file distributed by the hackers contained 209,595,667 lines of information:
user’s first and last name;
Sign in to Twitter;
email address (5.6 million addresses on the .ru domain);
number of subscribers
The date the profile was created.
On December 26, an anonymous hacker on a profile forum posted leaks to sell a database of 400 million Twitter users.
As confirmation, the seller provided a part of the data of 1000 users, which contains the data of the creator of the Ethereum cryptocurrency Vitalik Buterin, Apple founder Steve Wozniak, billionaire Mark Cuban, cybersecurity expert Brian Krebs and other famous personalities.
Independent researchers in the area of information security confirmed the authenticity of the data in the file published in the public domain.
According to the description, the hacker blackmailed Elon Musk with a leaked database and offered the owner of Twitter to buy the data urgently and avoid lawsuits and fines until someone else bought the information.
On August 5, 2022, Twitter confirmed that over 5.4 million social media users had leaked their account data. The company has started sending notifications to affected users that their data, including Twitter ID, first and last name or organization name, phone number and email address, has become public.
Twitter admitted that, due to an update to the platform’s code in June 2021, a bug appeared in the social network’s API related to the incorrect handling of privacy settings and the ability to analyze the Twitter ID and user account data without permission.
Twitter explained that the hack did not reveal account passwords, but that account databases could be used by attackers to send fraudulent emails. The social network recommends that users change their passwords and enable two-factor authentication on their accounts to prevent unauthorized logins as a security measure.
After the leak was exposed, experts said an attacker could upload this data using a vulnerability in the Twitter mobile app for Android. It was there until the end of 2021.
With its help, it was possible, using a simple Python script and the Twitter API, to parse the Twitter ID and account data associated with your social network account without permission, even if the user hide them. fields in the privacy settings.
This was possible due to an error in the authorization process in the Android Twitter client, in particular, due to an error in the verification process of a duplicate Twitter account.
A report on this vulnerability by a security expert under the pseudonym zhirinovskiy was published on HackerOne in early January 2022. Twitter acknowledged the vulnerability and paid the white hat hacker a bounty of $5,040.
On January 13, the developers of the social network patched this vulnerability in the mobile version of Android and in its internal systems.