- 5.4 million Twitter users’ public and non-public information are being shared for free on a hacker forum.
- Experts believe that the information was stolen in late 2021 by using a vulnerability in the API, which was fixed in January 2022.
- The information can be used in phishing attacks, thus, experts warned users to be careful against possible threats.
Millions of Twitter users’ information is once again being shared on a hacker forum on November 24th. The database includes scraped public data from 5.4 million users, including Twitter ID, name, screen name, verified status, location, URL, description, follower count, account creation date, friends count, favorites count, statuses count, and profile image URLs. Along with this public information it also includes email addresses or phone numbers.
The hackers managed to steal millions of records from Twitter in December of 2021 by exploiting a vulnerability in the API, which was fixed in January. Twitter officially confirmed the data breach incident in January 2022. Thus, the hackers behind the attack had this database for a long time. In July, the same database was sold for $30,000 on a hacker forum.
The vulnerability was disclosed in HackerOne’s bug bounty program. It allowed hackers to submit emails and phone numbers to find out the associated Twitter IDs. These IDs can be used to scrape public information and creates a user record with both public and private information.
Although currently, the threat actors behind the incident are unknown, there are also news sources claiming that threat actors managed to steal tens of millions of Twitter users’ information by exploiting the same vulnerability. Also, experts are warning Twitter users against potential phishing attacks. Threat actors can use the leaked information to contact account owners in an attempt to steal their credentials.