An unknown hacker claims to have accessed 400 million Twitter user accounts. He claims to hack the system by finding some “holes” in the system. The data he has at hand includes emails and phone numbers of celebrities, firms, ordinary users, and a lot of OG and special usernames. According to him, none other than Twitter CEO Elon Musk should buy them.
Elon Musk Hasn’t Responded Yet
The seller, who uses the nickname Ryushi on the dark web, has opened a “trial access” to 1,000 Twitter accounts so that a potential buyer can verify the leak’s authenticity. In the “sampler,” the buyer can find the personal details of the account of Donald Trump Jr., cybersecurity specialist Brian Krebs, and other famous persons.
Also read: The Largest Data Leak Including 8.4 Billion Passwords Is Online
“Twitter or Elon Musk if you are reading this you are already risking a GDPR fine over 5.4m breach imaging the fine of 400m users breach source. Your best option to avoid paying $276 million USD in GDPR breach fines like facebook did (due to 533m users being scraped) is to buy this data exclusively,” reads the advertising.
Gizchina News of the week
Earlier, we heard that the EU would check Twitter for data leakage of 5.4 million users. The alleged leak happened before Elon Musk took over as head of Twitter. But he won’t avoid liability if this is true. If the EU finds evidence of a leak, Twitter might pay up to 4% of its annual turnover as a fine.
At the time of writing the news, Elon Musk did not react to the hacker’s offer in any way.
The data leak seems to be valid. There are guesses that the hacker could “enter” the system through an API vulnerability, which enables the threat actor to query any email/phone and retrieve a Twitter profile. It is similar to the Facebook 533m data leak reported in 2021. In effect, Meta paid $275,000,000, according to Alon Gal, Hudson Rock co-Founder.