In big news, a ruthless hacker strikes Twitter. And this is just when you thought the Twitter scandals were coming to an end. A hacker claims to be selling the information of 400 million users.
According to reports, the information was collected in 2021 using a now-patched API flaw.
Elon Musk and Twitter have been warned by the threat actor, who goes by the name “Ryushi,”. He asks them to acquire the data for the $200,000 asking price or risk a far higher GDPR fine.
READ MORE: DaVinci Resolve For iPad
Ruthless hacker strikes Twitter: 2022 Twitter data leak
Apparently joining the Breached hacking forum in December 2022, the threat actor wrote to Twitter.
“Buying this data entirely is your best choice to avoid paying $276 million USD in GDPR breach fines like Facebook did (due to 533 million users being scraped)… I’ll then delete this thread and promise never to sell this data again.
The leaked information includes email addresses, usernames, follower counts, and creation dates. As well as some individuals’ phone numbers for over 1,000 users, including several celebrities.
The hacker asserts that they will sell the information to many customers for $60,000 apiece. But only if an exclusive sale to Twitter is not made for $200,000 instead.
According to Bleeping Computer(opens in new tab), the API that created the vulnerability was patched in January 2022, but it has since been revealed that several threat actors have continued to use it, putting more than 400 million customers at risk of phishing and frauds.
In another instance, WhatsApp recently came under fire after a data breach exposed the personal data of more than 500 million users. However, it is now believed that this breach was a reuse of a previous 2019 Facebook leak.