:strip_exif()/i/2004698112.jpeg?fit=%2C&ssl=1)
Hackers have acquired data such as email addresses and phone numbers from potentially tens of millions of Twitter users. This happened via a bug in the API that previously leaked data from 5.4 million users.
The dataset contains data from various countries and Beep Computer not reported which countries exactly. This includes a lot of data from French users, and the site checked the data with a sample. The data could be used, among other things, for targeted phishing attacks.
Security researcher Chad Loder yes posted a redacted screenshot of the data breach and also claims it’s genuine. There would be data from all users from certain countries in the dataset. The exact number of users is unknown. It is a different dataset than which went on sale this summer. It contained data from 5.4 million accounts and is now available for free, says Bleeping Computer.
The data breach has nothing to do with Elon Musk’s takeover of Twitter last month. The bug happened late last year. The vulnerability was released on January 1st on the HackerOne bugbounty platform by a security researcher. It was a bug in the Android client that required an attacker to make a POST request to the Twitter Onboarding API. The security researcher describes the issue in detail on HackerOne. Twitter identified the vulnerability and fixed it on January 13th. Details were released on Feb. 11, and the researcher received a $5,040 reward. Twitter has not yet commented on the hack.
