- A hacker claims to be selling the Twitter data of 400 million users for $200,000, he warns Twitter and Elon Musk.
- The threat actor claimed to have harvested the data of more than 400 million unique Twitter users using a vulnerability.
- The threat actor’s post was found on a data breach site where hackers try to sell the data acquired by vulnerabilities.
The threat actor says that they accessed the private phone numbers and email addresses of Twitter users using an API vulnerability that Twitter fixed in January 2022. This vulnerability was previously associated with a 5.4 million user data breach. The threat actor also added that they have Twitter data that they would like to sell to a single person or to Twitter for $200,000. If an exclusive purchase is not made, they will sell the data to multiple people for $60,000 each.
Sample data of 37 accounts
The threat actor claimed to have harvested the data of more than 400 million unique Twitter users using a vulnerability. They have warned Elon Musk and Twitter to buy the data before it results in a hefty fine under Europe’s GDPR privacy law.
“Twitter or Elon Musk if you are reading this you are already risking a GDPR fine over 5.4m breach imaging the fine of 400m users breach source,” wrote Ryushi in a forum post.
« Your best option to avoid paying $276 million USD in GDPR breach fines like facebook did (due to 533m users being scraped) is to buy this data exclusively. »
The threat actor also linked to an article detailing how this data could be misused by other threat actors for phishing attacks, crypto scams, and BEC attacks.
The forum post includes sample data for thirty-seven celebrities, politicians, journalists, businesses, and government agencies, including Alexandria Ocasio-Cortez, Donald Trump JR, Mark Cuba, Kevin O’Leary, and Piers Morgan. Additionally, a larger sample of 1,000 Twitter user profiles was later leaked.
Twitter is having a tough time right now as investigations are ongoing about a recent leak of user data, which happened a few months ago.