After Twitter was hacked, the data of 5.4 million people were put up for sale on a special forum. How to know if you are one of them?
Social networks often become the object of massive hacks. This allows hackers to steal user data and sell it on the dark web or on special sites. RestorePrivacy just discovered for this purpose that the data of 5.4 million Twitter users was just up for sale on a data selling site. The latter contain, in particular, the access identifiers of the accounts.
Loot from a hack caused by a security breach
According to the RestorePrivacy website, the personal data of 5,485,636 users is being sold on Breached Forum, a site that specializes in selling data. The latter mainly contain phone numbers, email addresses, identification numbers, first and last names, location, etc. In short, everything you need to access your Twitter account and possibly other user accounts.
All of this data for sale by The Devil, that’s the pirate’s nickname on the forum, comes from a hack caused by a security breach on Twitter. In January 2022, it was indeed discovered that the anti-duplicate account system created by Twitter allows you to get the username of any account and other information. Thus, a hacker could exploit this vulnerability. This allowed him to extract data from more than 5 million accounts, even if Twitter quickly corrected the flaw.
SEE ALSO: Skred Messenger: French messaging app more secure than WhatsApp
Reliable verified data
According to the Devil, the stolen personal data belongs to different categories of people. These include famous people, large companies, multiple verified accounts, and others owned by anonymous people. An independent system set up on the forum made it possible to verify the authenticity of the data that the hacker managed to extract. But for the latter, dropping your booty for less than $30,000 is out of the question. At the moment there are no offers, but there should be soon, as there will always be a buyer.
How can you check if you are one of the data subjects?
Since the data is still in the possession of the hacker, it is difficult to identify the stolen individuals. Thus, you may not yet know if you are affected.
For this to happen, you have to hope that an ethical hacker (white hat) buys this database. It then has to share it with platforms like HaveIBeenPwnd.com. The latter will be able to post it online and let users know if they are concerned. However, the opposite can also happen. An attacker or group could buy this data and use your accounts to do dirty things.
Until that happens, you can secure your account today. To do this, change your password and set up dual authentication. This will protect your account and deter anyone who wants to access it.