Attackers stole data from more than 5.4 million Twitter accounts and uploaded it to a hacker forum for public access. The stolen data contained information not intended for public access, including private phone numbers and email addresses.
As Bleeping Computer explains, the data was stolen thanks to an API vulnerability that HackerOne's bug and vulnerability bounty program uncovered and patched in January of this year. As it turned out, the vulnerability allowed phone numbers and email addresses to be sent to the API to obtain associated Twitter IDs, which in turn allowed hackers to steal personal data.
In July 2022, a hacker demanded $30,000 on a hacker forum for the personal data of 5.4 million Twitter users stolen in December 2021. In his post, he wrote that among the accounts were those belonging to celebrities, famous companies, and so on.
Using another API, hackers also gained access to data about 1.4 million profiles of blocked Twitter users, but that data was not sold - it was privately provided to several attackers. It turns out that almost 7 million users' data has been leaked in recent months.
And then, recently, on November 24, 5.4 million Twitter accounts were posted for free on a hackers' forum. According to Bleeping Computer, this is the same data that sold for $30,000 a few months ago.
Attackers can use the stolen data for phishing attacks, so Twitter users are advised to be very careful about all emails received supposedly from Twitter. For example, a user may receive an email saying that his account will be blocked if he does not log in to his page. Having clicked on the link in the email, the user ends up on a phishing webpage, which may look like Twitter, but collects logins and passwords.
Such phishing attacks were already taking place in early November, when Twitter tried to enter a verification for $8.
According to some experts Twitter is more vulnerable to attacks now than ever before, because many engineers left the company – some were fired or left on their own initiative: since there are too few employees left, they will not be able to handle all the work, and it will inevitably lead to problems with the service and make it vulnerable, creating threats to the security of user data.