While the leaked data has been achieved from Twitter API’s bug that was fixed by Twitter’s security folks in January of this year, so this data was breached before, and hackers are revealing it now.
Twitter’s Earlier API Bug Now Impacting 5.4 Accounts Data
As the hacker has found this bug before, the company, and even in July, sold this 5.4 million Twitter users’ data for $30,000 on the well-known hacking forum, which is named ‘Breached Forums’. The threat actor has come up with the username “Devil” to sell the data report, and now, this same account’s user has come back again with a different name and shared all these account data for free. The hacked account’s data includes data from several types of accounts, such as email addresses or phone numbers of account users, which is not allowed for common users to see.
Besides these private details, it also includes a complete bundle of account detail such as names, login names, locations, verified status, account creation date, favorites count, and profile image URLs. However, the hacker is giving another list of 1.7 million accounts if someone doesn’t want the free one. This hacked account report also contains a 1.4 million users’ account list with their email, which Twitter suspended when they found out about the data breach in January, and in the mix, there are some active accounts too. Also, not only has one hacker stolen the data from Twitter’s API bug, there are some others. According to Bleeping Computers, another hacker is also holding a list of 17 million compromised accounts, but it is being shared privately on the internet, and currently, there is no confirmation about it. To keep your account protected, you can only do, enabling two-factor authentication that will inform you about logins so that if you find anything suspicious, it can be managed before allowing the entrance.