Over 200 million Twitter users were included in a data dump that was previously sold for $20,000, according to cyber-security researchers. The team from AI-based cyber-security company CloudSEK said the data, which included email address, name, screen name or username, account creation date, and follower count, was offered for 8 forum credits, or $200,000, on a well-known hacker forum.
What did CloudSEK say?
"The vulnerability in Twitter's API enabled threat actors to input phone number/email address to retrieve the Twitter user ID which in turn enables data scraping," said a CloudSEK researcher. A hacker allegedly acquired the information of about 400 million Twitter users last month and sold it on the dark web.
Who leaked the data, and when?
On January 4, a new forum user with the moniker StayMad released the affected Twitter user database on the hacker forum. The database held over 200 million records and had previously been advertised for sale for $200,000 by the threat actor Ryushi on the same English-speaking cybercrime community.
Data from 200 million accounts was leaked, not 400 million
CloudSEK researchers observed that the count of compromised records was over 200 million, compared with the announcement made on December 23, 2022, which stated that 400 million records had been gathered, "the reason being the presence of duplicate records".
Threat actor distributed 2 files for 2 purposes
Researchers discovered that the threat actor distributed two files: one contained user account data collected from over 221 million Twitter accounts, and the other contained scraped data from over 100,000 verified accounts.