A member of a criminal data breach forum claims to have obtained the emails and phone numbers of 400 million Twitter users in a post urging social media CEO Elon Musk to buy the data for an unspecified sum set.
The hacker went by the name Ryushi on BreachForums, the successor site to the now-defunct RaidForums. Hackers claim the data includes email addresses and phone numbers of celebrities, politicians, companies and others.
In the list, Ryushi listed the email addresses of Donald Trump Jr., Alexandria Ocasio-Cortez, Neil DeGrasse Tyson, Piers Morgan, Stephen Curry and various others. The hackers also linked to a .CSV file containing the same information on another 1,000 Twitter users as further evidence.
On a different note, the hackers also took aim at Twitter and Elon Musk, claiming their best bet was to buy data which at the time claimed 533 million users to avoid the risk of fines from the European Union’s General Data Protection Regulation. Ryushi then added that if Musk or Twitter buy the data, the data will not be sold to anyone else, "This will prevent a lot of celebrities and politicians from doing phishing, crypto scamming, sim swapping, doxing and other things that will make your users lose trust things in you as a company.
Hackers harvested private phone numbers and email addresses using an API vulnerability that Twitter fixed in January 2022, according to Bleeping Computer. The same API vulnerability, which first surfaced in July and was released for free in November, is believed to have been used to steal data related to 5.4 million Twitter users.
While the validity of the claims of more than 400 million or 533 million users (both numbers used by the hackers) has yet to be proven, if any of them are legitimate, the stolen data will draw the attention of regulators.
Last week, the Irish Data Protection Commission announced that it had opened an investigation into 5.4 million previously stolen Twitter records.
I hope this article will help you to know about the 400 million of twitter users were being exposed by Hackers. According to Ireland's data protection authority, this is a clear breach of the European privacy law, the General Data Protection Regulation, which usually carries hefty fines. In November, Irish agencies cited the GDPR to fine Facebook 265 million euros after a data set containing details of more than 5 billion social media users appeared online last year.
