Thousands of people are not happy after learning that hackers stole and released millions of Twitter users’ private data for free on the internet.
Bleeding Computer reports, “While most of the data consisted of public information, such as Twitter IDs, names, login names, locations, and verified status, it also included private information, such as phone numbers and email addresses.”
Over 5.4 million Twitter user records containing non-public information stolen using an API vulnerability fixed in January have been shared for free on a hacker forum.
Another massive, potentially more significant, data dump of millions of Twitter records has also been disclosed by a security researcher, demonstrating how widely abused this bug was by threat actors.
The data consists of scraped public information as well as private phone numbers and email addresses that are not meant to be public.
They also report that in addition to the 5.4 million Twitter records of current users, the hackers also stole the private data of an additional 1.4 million Twitter profiles for suspended users.
The initial hack took place in July of 2021, but prior to this past week the information wasn’t freely available to anyone who wanted it.
In September, and now last week, the data has been released for free on a hacking forum, allowing any phishing actor to use the data in targeted attacks.
Another data set consisting of 1.4 million suspended users was not released, and was circulated privately.
— BleepingComputer (@BleepinComputer) November 27, 2022
On November 24th, the data of 5,485,635 current Twitter users was posted and shared for free on a hacking forum.
While it is concerning that threat actors released the 5.4 million records for free, an even larger data dump was allegedly created using the same vulnerability.
This data dump potentially contains tens of millions of Twitter records consisting of personal phone numbers collected using the same API bug, and public information, including verified status, account names, Twitter ID, bio, and screen name.
Many Twitter users are upset that their private data may have been released by hackers online
So, while Apple allegedly is threatening to…