Data 235 million Twitter users for sale on the Internet

A database including e-mail addresses of 235 million Twitter users is for sale on the Internet. This was announced by security company Hudson Rock via Twitter. Several parties are said to be offering this database.

Informatiebeveiliging Nederland January 6, 2023

News press release

Vulnerability

"It is important to note that the fixed vulnerability that enabled this leak allowed users to be found via their phone numbers. I suspect attackers took advantage of this," stated Alon Gal, co-founder and CTO of Hudson Rock. "A database of phone numbers of an unknown number of Twitter users is likely to exist."

2021

It was initially thought to involve data from 400 million users. Twitter has said that malicious actors managed to get the data in 2021. The microblogging service had reported on this in August 2022. It is not unusual for previously stolen data to be offered for sale as "new.

Have I Been Pwned

Security researcher Troy Hunt confirmed the data leak. He added the leaked addresses to data leak search engine Have I Been Pwned. Through an API, it would have been possible to get hold of e-mail addresses and public Twitter profile data.

Comments

MORE REACTIONS

Consumentencollectief start massaclaim tegen Odido wegens privacyschending

Blog

Kabinet: Odido-datalek onderstreept belang van gegevensbeveiliging, geen losgeld bij cyberafpersing

News/press release

Kamercommissie krijgt wegens Odido en andere datalekken mogelijk AVG-briefing

News/press release

AP en RDI starten onderzoek naar Odido

News/press release

De Autoriteit Persoonsgegevens (AP) start een onderzoek naar de bewaartermijnen van klantgegevens bij telecombedrijf Odido. De aanleiding is het recente datalek, waarbij persoonlijke...

3 vragen over de datalek bij gemeente Epe

News/press release

Gemeente Epe