HomeWinBuzzer NewsTwitter Hacker Is Selling Info from 400 Million Accounts

Twitter Hacker Is Selling Info from 400 Million Accounts

However, the hacker says Twitter and/or Elon Musk can buy the data to avoid falling foul of Europe’s GDPR data laws.

-

A programming interface vulnerability in seemingly allowed a hacker to scrape account data from 400 million accounts on the micro-blogging site. That hacker or group of hackers is now selling the information on BreachForums.

If you are unfamiliar with BreachForums, it is essentially the replacement site for the now-closed RaidForums. It allows people to discuss and also buy/sell exploits and stolen data. On the boards, the Twitter hacker (Ryushi) says the dataset includes phone numbers and email addresses of famous celebrities, companies, and politicians.

Ryushi listed the email addresses of some of them, including Piers Morgan, Stephen Curry, and Donald Trump Jr. Furthermore, the hacker shows a link to a .CSV file that shows the information of 1,000 Twitter users. Both leaks were to provide the data scrape and the sale are legitimate.

Elon Musk Request

While the hacker is selling on BreachForums, it seems an easier solution is also in place. Specifically, Ryushi addresses Twitter and its CEO, , and says they can simply purchase the data themselves to avoid it becoming public.

He says allowing the data to be stolen in the first place goes against the European Union's General Data Protection (GDPR) law. If Musk/Twitter buy the data, it “will prevent a lot of celebrities and politicians from phishing, crypto scams, sim swapping, doxing and other things that will make your users lose trust in you as a company.

“From [sic] content creators this is a sensitive time, which will make things far worse and if you are unsure just run a poll on Twitter like usual and people will choose their fate because at the end of the day it's the company's fault that this data was breached.”

Bleeping Computer reports the hack was possible by exploiting an API vulnerability in Twitter. That flaw was known about and fixed back in January 2022. So, the hack probably happened last year and the hacker has been sitting on the data.

Tip of the day: When using your Windows 10 laptop or convertible with a mobile hotspot you might want to limit the Internet bandwidth your PC uses. In our tutorial we are showing you how to set up a metered connection in Windows 11 or Windows 10 and how to turn it off again, if needed.

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News