A hacker claims to have stolen data on 400,000,000 Twitter users and is trying to sell it. He asserts that the database is confidential, and to support his claims, he gave a sample of 1,000 accounts, some of which contained the private data of well-known individuals like Donald Trump Jr., Brian Krebs, and many more.
The seller, Ryushi, a user of data breach forums, claims the information was scraped using a vulnerability; it contains emails and phone numbers of famous people, politicians, businesses, regular users, and a large number of OG and unique usernames. In order to avoid GDPR litigation, he is also encouraging Twitter and Elon Musk to purchase the data.
The advertising says, “Twitter or Elon Musk if you are reading this you are already risking a GDPR fine over 5.4m breach imaging the fine of 400m users breach source. Your best option to avoid paying $276 million USD in GDPR breach fines like facebook did (due to 533m users being scraped) is to buy this data exclusively.”
The seller said the escrow service provided by the Breached forum administrators (pompompurin) would cover the deal. It is not yet feasible to independently verify the seller’s claims. The Data Protection Commission of Ireland began an investigation into Twitter on Friday about a data breach that purportedly affected 5.4 million Twitter users in August.
Alon Gal, a co-founder of the threat intelligence company Hudson Rock, stated that the data is more likely to be accurate and was likely obtained from an API flaw that allowed the threat actor to search any email or phone number and retrieve a Twitter profile (https://lnkd.in/dMsWwiJa). This is strikingly similar to the Facebook 533m database that he first reported about in 2021, which led to a $275,000,000 fine for Meta.
The Irish Data Protection Commission revealed on Friday that it was looking into the August incident in which Ryushi’s preferred forum received the contact information of 5.4 million Twitter users.