Home NewsStock Market News Hackers hacked 5.4 million Twitter users to steal personal information for $30,000

Hackers hacked 5.4 million Twitter users to steal personal information for $30,000

by WOOWinvest
0 comment
Hackers hacked 5.4 million Twitter users to steal personal information for $30,000


The Twitter (TWTR-US) security flaw, discovered earlier this year, has been used by hackers to steal the account details of 5.4 million users, and hackers are selling the entire set of data in packages.

Compared with the 478 million T-Mobile customers affected by the hack in August 2021, Twitter was hacked on a smaller scale this time around, and even far fewer than the 70 million AT&T users hacked in the same month.

However, according to foreign media Restore Privacy, the data being sold by hackers now comes from a vulnerability reported by users in January this year. Twitter admitted that this was indeed an information security issue, and even paid a $5,040 bonus to the user “zhirinovskiy” who reported the vulnerability. .

“As described in the original January report by HackerOne user zhirinovskiy, the hackers were selling the data of 5.4 million users they claimed to have obtained from the exploit, and the hacker’s post still exists,” the report states.

“The seller used the name ‘devil’ on hacker forums and claimed that his data included celebrities, businesses, random passersby, general service organizations.”

“We contacted the seller of the database for more information, and the seller asked us to pay at least $30,000 to get the database, and they said ‘it was because Twitter was incompetent that he got the information,'” Taylor said.

Sample data posted by sellers on hacker forums

The seller has posted a data sample on the hacker forum “Breakthrough Forum” that appears to show Twitter profiles, phone numbers and email addresses used to log in. According to Restore Privacy, the owner of the forum has verified the authenticity of the data.

However, the data does not seem to contain the login password, but because there is an email address, it can be used with Twitter’s “forgot password” function. If the user who tries to log in also has the user’s email password, it may cause outsiders to log in to Twitter.

The bigger problem, however, may not be the fact that outsiders are logged into Twitter (there is no password, after all), but that the data may be sold to advertisers for use. Twitter has yet to comment.

You may also like

Leave a Comment

Our Mission is to help you make better trading decisions by providing actionable investing content, comprehensive tools, educational resources and assist you in making more money in the stock market.

Latest News

Newsletter

Subscribe my Newsletter for new blog posts, tips & new photos. Let's stay updated!

@2022 – All Right Reserved. Designed and Developed by WOOW Invest

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy