It has recently come to light that Twitter has suffered a significant data breach which could impact hundreds of millions of users and potentially lead to serious security issues for the platform.
Data stolen from Twitter more than a year ago has now appeared on a major dark web marketplace and is being sold for the equivalent of $2 in cryptocurrency.
The hacker responsible for posting the data, who goes by the name “StayMad,” shared the information on the “Breached” market, where it is available for anyone to purchase.
The data is believed to relate to at least 235 million people and includes email addresses, phone numbers, names, screen names, follower count, and account creation date.
How and when wid the data breach occur?
The data breach occurred in 2021 when cybercriminals exploited an API vulnerability in Twitter’s platform to access user information connected to hundreds of millions of accounts.
The vulnerability allowed hackers to use a “lookup” function to verify whether a phone number or email was connected to an active account on Twitter, and also revealed which specific account was linked to the credential in question. This was discovered by Twitter’s bug bounty program in January 2022 and was publicly acknowledged in August of that year.
At that time, Twitter stated that it had “no evidence to suggest someone had taken advantage of the vulnerability,” but it later emerged that the data of a large number of users had already been stolen.
Who is behind the hack?
The identities of the cybercriminals behind the data breach are unknown and it is unclear whether they are affiliated with any well-known hacker groups or threat actors. The person responsible for posting the data on the “Breached” market goes by the name “StayMad,” but little else is known about them.
It’s also unclear how long the data had been available on the dark web before it was discovered and reported on.
Impact of the data breach on Twitter and its users
The data breach is the latest in a series of controversies and problems facing Twitter. Besides to ongoing issues with misinformation and the spread of hate speech on the platform, the company is also dealing with the fallout from a recent hack in which high-profile accounts were compromised in a Bitcoin scam.
The data breach and the hack have both raised concerns about the security and privacy of users on the platform, and Twitter has faced criticism for its handling of both incidents.
Steps users can take to protect their information
The data breach is a serious issue for Twitter and its users, as it exposes the personal information of millions of people to potentially malicious actors.
It is important for those affected to be aware of the breach and to take steps to protect their accounts and personal information. This may include changing passwords, enabling two-factor authentication, and being vigilant about any suspicious activity or messages.
Twitter has stated that it is working to address the issue and to prevent similar incidents from occurring in the future, but it is ultimately up to users to take steps to protect themselves and their information.