5.4 million Twitter users' stolen data leaked online — more shared privately

data breach


network threats

AI generated Image

Forum post selling the scraped Twitter dataSource: BleepingComputerThis data was collected in December 2021 using a Twitter API vulnerability disclosed in the HackerOne bug bounty program that allowed people to submit phone numbers and email addresses into the API to retrieve the associated Twitter ID. Pompompurin, the owner of the Breached hacking forum, told BleepingComputer this weekend that they were responsible for exploiting the bug and creating the massive dump of Twitter user records after another threat actor known as 'Devil' shared the vulnerability with them. This data dump potentially contains tens of millions of Twitter records consisting of personal phone numbers collected using the same API bug, and public information, including verified status, account names, Twitter ID, bio, and screen name.

Source read time: 4 min - bleepingcomputer.com

Also offered in: Nederlands

More news for you