Threat actors have leaked the Twitter account data of 235 million individuals, exposing them to cybercrime and posing a threat to their digital lives. This text covers how the data theft took place, how Twitter responded, how cybercriminals leaked over 200 million records, the DPC’s investigation, the previous Twitter data leak affecting 5.4 million users, and how you can protect your Twitter account to stay safe.
After a long wait, threat actors have leaked over 200 million Twitter account details obtained by exploiting a vulnerability in the organization’s systems. The incident has been making headlines worldwide since last year. When it was first discovered in July last year, it prompted Twitter to issue a statement assuring users that their passwords were not compromised and that it was working to secure its systems.
Now, the threat actors have leaked the stolen information, exposing the affected individuals to all kinds of malicious attacks. Let us look into what has happened, what is happening, and how to stay protected.
What Happened During the Twitter Data Theft in July 2022
In January 2022, Twitter received a report through its bug bounty program outlining a vulnerability in its systems that allowed any individual to obtain account details. When a user submitted any email address, Twitter’s systems would reveal the account the email address was associated with and any phone number connected to that account.
The bug resulted from Twitter’s June 2021 update. Twitter claimed that the flaw had been fixed and that it had found no case of the vulnerability being exploited. However, in July 2022, threat actors leveraged this vulnerability and offered the stolen records for sale.
The hackers were also spotted selling 5.4 million account handles along with genuine account email addresses and associated phone numbers. Twitter also clarified that no passwords were exposed during the attack but encouraged every Twitter user to employ 2FA (Two Factor Authentication).
Twitter’s 5.4 Million Data Breach
Twitter confirmed the data breach and patched its zero-day vulnerability, but a threat actor had been able to use the vulnerability to steal the data of 5.4 million users. The threat actor also scraped public information, including follower counts, screen names, login names, profile picture URLs (Uniform Resource Locators), location, and additional information.
The threat actor put the data up for sale for $30,000. However, Bleeping Computer said that the 5.4 million Twitter account records were sold not once but twice. Both threat actors who purchased the stolen data paid less than the price in the original ad.
Twitter released an advisory following the incident, stating, “We are publishing this update because we aren’t able to confirm every account that was potentially impacted, and are particularly mindful of people with pseudonymous accounts who can be targeted by state or other actors.”
The breach caused a lot of ruckus in the cybersecurity world as the personal information of 5,485,636 Twitter users was leaked.
Ireland’s DPC Investigating the Data Theft
Ireland’s DPC (Data Protection Commission) also kicked into action and began probing the reports when datasets containing the personal information of Twitter users surfaced. When the threat actors released the data of 5.4 million Twitter users, the DPC held discussions with Twitter and investigated the matter, highlighting that one or more provisions of the EU’s GDPR (General Data Protection Regulation) were infringed and continue to be so.
Ireland’s DPC is the lead watchdog for some of the most significant organizations and businesses worldwide and wields the authority to fine as much as 4% of any organization’s annual sales. Since the data was leaked, Twitter has been under scrutiny to meet regulatory demands, with the European Commissioner Thierry Breton also sending a warning to Elon Musk when he took over Twitter, asking the new owner to “fly by our rules.”
This new batch of data will add intensity to the DPC’s investigation and also to the ongoing inquiry by the US FTC (United States Federal Trade Commission). The FTC has been investigating whether Twitter has been violating consent decrees in which the organization promised to better protect the data of its users. However, the FTC declined to comment on the recent news.
The Twitter Data Leak of 2023: What can Happen to Affected Users?
A massive Twitter database with the information of 235 million individuals was leaked on a hacker forum. The database has about 63 GB of data, including the names, email addresses, Twitter handles, account creation dates, and follower counts of users. The data is not restricted to certain threat actors, held exclusively, or put up for sale. Any individual on the Internet can access the leaked data.
The data available on the hacker forum can expose individuals to many challenges and to malicious harm, as threat actors can use it to target cryptocurrency accounts, hack high-profile or political accounts, infiltrate popular accounts, or dox accounts without dedicated emails.
Furthermore, The Washington Post says that the records were likely compiled in late 2021 using the Twitter vulnerability and that the threat actors could have leveraged automated lookups to check such a large number of email addresses. The Washington Post also noted that Twitter has not responded to emails seeking comment on the incident and any advice that the organization might have for the affected users.
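How a service operator could spot the kind of automated lookups described above, as an added example that is not from Twitter or the original article: it counts the distinct identifiers each client submits inside a sliding time window. The log format, client IDs, window, and threshold are assumptions, and the sample log is constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=5)   # assumed look-back window
MAX_DISTINCT = 20               # assumed per-client budget of distinct identifiers


def parse(line):
    """Parse 'ISO-timestamp client_id identifier' (hypothetical log format)."""
    ts, client, identifier = line.split()
    return datetime.fromisoformat(ts), client, identifier.lower()


def find_enumerators(lines, window=WINDOW, max_distinct=MAX_DISTINCT):
    """Return {client: peak distinct identifiers per window} for clients over budget."""
    recent = defaultdict(deque)          # client -> deque of (timestamp, identifier)
    flagged = {}
    for ts, client, identifier in sorted(map(parse, lines)):
        q = recent[client]
        q.append((ts, identifier))
        while ts - q[0][0] > window:     # drop lookups that fell out of the window
            q.popleft()
        distinct = len({ident for _, ident in q})
        if distinct > max_distinct:
            flagged[client] = max(flagged.get(client, 0), distinct)
    return flagged


def constructed_log():
    """Constructed sample: two ordinary clients and one bulk-lookup client."""
    base = datetime(2022, 1, 1, 12, 0, 0)

    def at(seconds):
        return (base + timedelta(seconds=seconds)).isoformat()

    # One user retrying the same address five times.
    lines = [f"{at(30 * i)} client-a alice@example.com" for i in range(5)]
    # One user checking two of their own addresses.
    lines += [f"{at(0)} client-b bob@example.com",
              f"{at(60)} client-b bob.work@example.com"]
    # Automated client: 200 different addresses, one per second.
    lines += [f"{at(i)} client-c user{i}@example.com" for i in range(200)]
    return lines


if __name__ == "__main__":
    print(find_enumerators(constructed_log()))
```

Counting distinct identifiers rather than raw requests keeps a user who retries their own address from being flagged while a client walking through a list stands out.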
Nearly three-quarters of Twitter users are outside the US and Canada. The users who provided throwaway email addresses or emails specifically for Twitter might be safe in some regards, but not completely, since these emails could still be utilized in account takeovers, spear phishing, email spoofing, and email threats.
How Can Affected Twitter Users Protect Their Accounts?
Since the threat actors have access to your email addresses, it would be best to take extra steps to keep your email and Twitter account safe. You should follow these steps for top-of-the-line security:
- Implement Strong Passwords: Use a strong and unique password for your Twitter account and ensure the same password is not used for any other account on the same email address. Consider using a password manager to help you generate and store strong, unique passwords for all of your online accounts.
- Enable 2FA: Enable 2FA for an extra layer of security, so threat actors cannot break into your Twitter account easily.
- Phishing Awareness: Be cautious when clicking on links, especially if they come from unknown sources or unsolicited emails. It would be best to learn about social engineering tactics and the latest phishing campaigns.
- Stop Information Sharing: Avoid sharing sensitive personal information, such as your full name, home address, or phone number, on your Twitter profile or in your tweets.
- Manage Connected Applications: Regularly review the apps and services that you have connected to your Twitter account and remove any that you no longer use or trust.
Leaked email addresses can be used to send spam or unwanted emails to individuals, which can be annoying, to say the least, and potentially dangerous if the emails contain malicious links or attachments.
With 235 million individuals exposed to spear phishing and email spoofing attacks, along with the sensitive information of high-level accounts, politicians, and celebrities, what will happen next is anyone’s guess.
Individuals can take the above protective measures and be on high alert to stay safe. One thing is certain: cybercriminals are not resting and are continuously working to cause malicious harm, as evidenced by this data leak happening not even a week into 2023.