Connect with us


Tech

Twitter data leak exposes over 5.4 million accounts

Published

on

Earlier this year, Twitter confirmed that the private user data for 5.4 million users was stolen due to an API vulnerability, but the company said it had “no evidence” that it was exploited. Now, all of those accounts have been exposed on a hacker form, BleepingComputer has reported. On top of that, an additional 1.4 million Twitter profiles for suspended users was reportedly shared privately, and an even larger data dump with the data of “tens of millions” of other users may have come from the same vulnerability.

The owner of hacking forum called Breached told BleepingComputer that it was responsible for exploiting the weakness (originally obtained from another hacker called “Devil”) and dumping the user records. It said that it also obtained 1.4 million Twitter profiles for suspended accounts, obtained via another API, but only shared those privately among a few individuals.

Advertisement
READ ALSO:   Markets: Bitcoin back above US$17,000; Ether, crypto market extend weekend gains

On top of all that, security expert Chad Loder has revealed that tens of millions more Twitter records may have been collected using the same API. Once again, data collected may include private phone numbers along with public information. Loder posted a redacted sample on Mastodon, as he was banned on Twitter several days ago for unknown reasons. It could contain over 17 million records, BleepingComputer was told.

The breaches leaked users’ private phone numbers and email addresses, which could be used for phishing and other scams. That information could also be exploited to uncover identities from private Twitter accounts. As usual, be very wary of any suspicious emails or texts claiming to come from Twitter — and if you’re thinking about using two-factor authentication, now would be a good time.

Advertisement
READ ALSO:   Tech workers are taking to TikTok to debate 'fake work'
Advertisement







Also Read...