How did the hacker get personal information
The supplier, who’s reported to be a member of knowledge breach boards named Ryushi, claims that he/she were given them by way of exploiting a vulnerability. The hacker says the personal information contains emails and speak to numbers of folks of clout.
Alon Gal, co-founder and CTO at Hudson Rock cybersecurity corporate, posted the main points of the hack on LinkedIn.
Hacker needs to promote information to Musk
Reportedly, the vendor is making an attempt to strike a take care of Twitter CEO Musk to shop for the information to keep away from GDPR court cases.
“Twitter or Elon Musk in case you are studying this you might be already risking a GDPR nice over 5.4m breach imaging the nice of 400m customers breach supply. Your most suitable choice to keep away from paying $276 million in GDPR breach fines like fb did (because of 533m customers being scraped) is to shop for this information completely,” an purported message from the hacker reads.
Irish DPC probing Twitter data leak
The news comes a few days after the Irish Data Protection Commission (DPC) launched an investigation into a Twitter data leak that affected over 5.4 million users worldwide.
“The DPC, having regarded as the ideas equipped by way of TIC referring to this topic to this point, is of the opinion that a number of provisions of the GDPR and/or the Act can have been, and/or are being, infringed with regards to Twitter Users ‘ private information,” read the December 23 announcement by the Data Protection Commission.
As per a report by Bleeping computer, the previous breach was found in late November and data was stolen when hackers exploited an API vulnerability that Twitter fixed in January.
Pompompurin, the owner of the Breached hacking forum, was cited as saying that there was another data set of 1.4 million Twitter profiles that was not sold but was only shared among a few people. Pompompurin is also reported to have offered escrow service for the sale.
Claims to also have Twitter data of Google CEO and Bollywood actors
Some reports also claim that the hacker is attempting to sell the data, which contains the personal data (such as phone numbers and email addresses) of prominent Twitter users, including Alphabet and Google CEO Sundar Pichai, Bollywood actor Salman Khan, Ministry of Information and Broadcasting of IndiaMusk-owned SpaceX, CBS Media, Donald Trump Jr., American politician Alexandria Ocasio-Cortez, among others.
2/ Twitter had accepted that the said API flaw was abused in the wild but it’s high time now that they also confirm… https://t.co/BLjU86xiaI
— Sunny Nehra (@sunnynehrabro) 1672033929000
Meanwhile, ethical hacker Sunny Nehra says that hackers may dump more data acquired by exploiting the same vulnerability.
Data of 500 million WhatsApp users leaked, How to check if you’re WhatsApp data is at risk