Twitter Reportedly Experience Data Breach
According to reports reaching MDB, Twitter experienced a massive data breach which saw about 5.4 million users’ phone numbers, and emails leaked on the dark web.
This data anomaly was confirmed by a Los Angeles-based cyber security expert and founder of Habitu8, Chad Loder who warned of a data breach at Twitter that has allegedly affected “millions” in the US and EU in particular.
Loder had on November 23, 2022, sent out the warning on his Twitter page to users in a series of tweets claiming he had also spoken to potential victims of the breach, who had confirmed it.
ALSO READ: Twitter Launches Gold, Grey, Blue Badges To Differentiate Verified Accounts
There was, however, a suspicion that the microblogging site had gone ahead to cover up the leak as Loder’s account was immediately suspended just after he sent out the alert.
The data leak first came into the limelight at the end of July when a threat actor obtained millions of accounts by exploiting a now-fixed vulnerability (according to Twitter) in the popular social media platform.
ALSO READ: Kanye West Returns To Twitter After Ban Is Lifted Following Anti-Semitism Rant
The threat actor later went ahead to offer the leaked data (exact figure of affected accounts – 5,485,636) for sale at a $30,000 price tag on the popular hacking forum, Breached Forums.
While giving further insight into the attack, Loder confirmed that any Twitter account that enabled the “let others find you by phone number” feature in its “discoverability” settings will automatically be affected. He also added that “all accounts for the entire country code of France” with their full mobile numbers have been captured in the data breach.
It is believed this information (The hack) was obtained by hackers in December 2021 using a Twitter API vulnerability.
After eight months, the microblogging site confirmed in August 2022, that hackers had taken advantage of the vulnerability to cause chaos but also claimed that the flaw was patched in January 2022.
According to Dailymail, there is confirmation that the compromised 5.4 million Twitter records have now been shared for free on a hacking forum as recent as November 2022.