BackSundar Pichai, Salman Khan, 40 crore others' Twitter data up for sale on dark web: Report
I am selling data of +400 million unique Twitter users that was scrapped via a vulnerability, this data is completely private: Excerpt from hacker's post
PremiumMicro-blogging site Twitter is likely facing its biggest leak. A report by Israeli cyber intelligence company Hudson Rock has stated that a a hacker has claimed to have stolen data of 40 crore Twitter users and has put it up on sale on dark web. That is not all, the people whose data has been stolen includes high-profile users such as Google CEO Sundar Pichai, Ministry of Information and Broadcasting, India and Bollywood actor Salman Khan among others.
The Hudson Rock report states that the personal data that has been put up on sale on dark web includes email, username, followers and even phone number, of the 40 crore Twitter users. "I am selling data of +400 million unique Twitter users that was scrapped via a vulnerability, this data is completely private," the the hacker is reported to have written in their post.
It is to be noted that only a couple of months ago, reportedly Elon Musk's Twitter suffered a user data leak of over 5.4 million users. The Irish Data Protection Commission is investigating the past leak.
The hacker reportedly offered a deal to Twitter CEO Elon Musk and in their post has written, “Twitter or Elon Musk, if you are reading this post, you are already at risk of GDPR fines for the data leak of over 54 million users. Now fines for data leak of 400 million users. Your best option to avoid paying $2.76 million in CDPR breach fines like Facebook did (due to 533 million users being scraped) is to buy this data exclusively."
High profile users whose Twitter data is now at stake
Among the 40 crore Twitter users' whose data has been hacked and is being sold off on dark web are high profile users. These include
-Sundar Pichai
-SpaceX
-Salman Khan
-Ministry of Information and Broadcasting, India
-Social media handle of World Health Organisation (WGO)
-Charlie Puth
-Shawn Mendes
- Alexandria Ocasio-Cortez
- CBS Media
- Donald Trump Jr.
- Doja Cat
- NASA's JWST account
- NBA
How was the Twitter user data hacked?
The Hudson Rock report states that the API vulnerability of the micro-blogging site could be a factor why the data was accessible to the hacker.
Alon Gal, co-Founder and CTO of Hudson Rock, took to LinkedIn and said, "The data is increasingly more likely to be valid and was probably obtained from an API vulnerability enabling the threat actor to query any email / phone and retrieve a Twitter profile, this is extremely similar to the Facebook 533m database that I originally reported about in 2021 and resulted in a $275,000,000 fine to Meta."
Hacker's deal
According to the report, the hacker has agreed to ‘deal’ with a middleman too.
"After that I will delete this thread and will not sell this data again. And data will not be sold to anyone else which will prevent a lot of celebrities and politicians from Phishing, Crypto scams, Sim swapping, Doxxing and other things that will make your users Lose trust in you as a company and thus stunt the current growth and hype that you are having also just imagine famous content creators and influencers getting hacked on twitter that will for sure Make them ghost the platform and ruin your dream of twitter video sharing platform for content creators, also since you Made the mistake of changing twitter policy that got an immense backlash," the hacker has reportedly said.
Neither Twitter CEO, nor Elon Musk himself has confirmed the data leak till now.
Unlock a world of Benefits! From insightful newsletters to real-time stock tracking, breaking news and a personalized newsfeed – it's all here, just a click away! Login Now!
