In January, Twitter suffered from a security vulnerability, and it was used to cull the details of around 5.4 million users. The hacker is now offering the data for sale online.
Twitter Hack is Selling Data
According to Apple Insider, the number of accounts that were hacked on Twitter is small compared to the T-Mobile hack in August 2021, wherein 478 million customers were affected.
It is even smaller compared to the 70 million users of AT&T that were hacked in September 2021.
However, according to to Restore Privacy, the hacked data now on sale comes from a vulnerability that was reported in early 2022.
Twitter acknowledged that this was a valid security problem, and the company even paid the discoverer of the hack, zhirinovskiy, $5,040 as a reward.
Sven Taylor of Restore Privacy said that HackerOne user zhirinovskiy described in the report that a threat actor is now selling the data that was acquired from the security vulnerability.
Taylor said that the post is still live now, with the Twitter database allegedly consisting of 5.4 million users being for sale.
He added that the seller on the hacking forum goes by the username "devil," and the dataset that they stole includes random users, creators, celebrities, and companies.
Restore Privacy reached out to the database seller to gather additional information, and the seller is asking for $30,000 for the database, which is now available because of "Twitter's incompetence."
The seller has posted about the data on the website Breach Forums. Restore Privacy said that the forum's owner has verified the authenticity of the data leak.
A sample of the data available is included in the forum's posting, and it shows the publicly available Twitter profile information alongside phone numbers and email addresses that are used for logging in on the website.
However, the data does not include passwords. Even though it contains email addresses that could be used to retrieve or change passwords, a bad actor would have to have access to that email account's login credentials first.
The fear is that more data could be sold for advertisers to exploit, and not really about the accounts being compromised by the bad actors.
Hacker Sentenced to Prison
In 2021, a teenager from Tampa, Florida, took control of several Twitter accounts and used them to solicit more than $100,000 in Bitcoin.
The hacker, Graham Ivan Clark, pleaded guilty to state charges in exchange for a three-year prison sentence.
The 17-year-old hacker was accused of masterminding a social media hack that targeted some of the most famous names, according to Tampa Bay Times.
Among the accounts that were compromised were that of President Joe Biden, former US President Barack Obama, Kanye West, Elon Musk, Bill Gates, Mike Bloomberg, Jeff Bezos, Warren Buffet, Kim Kardashian, Floyd Mayweather, Uber, Apple, and other tech companies.
The agreement allowed the teenager to be sentenced as a youth offender, avoiding a prison sentence of 10 years. The mandatory minimum will only apply if Clark violates his three-year probation.
Clark will serve time in a state prison that is designated for young adults. He may be eligible to serve his time in a boot camp.
Related Article: Twitter Bitcoin Hack: Here's a Shocking Info That Twitter Tries to Hide
This article is owned by Tech Times
Written by Sophie Webster