Twitter has been going through a lot over the last few years, and its troubling past continues to haunt the social media giant. It was recently revealed that hackers had stolen the details of approximately 200 million Twitter users. The incident likely happened in 2021 or early 2022 and is now added up to the growing pile of problems the tech giant faced before the change of management in late 2022. How the bad actors managed to obtain the information has not been revealed. Cyber security experts believe a weakness in Twitter’s API, firstly discovered in 2021, is likely how the hackers stole the considerable amount of data points.
Cyber security researchers stumbled upon a list that contains approximately 200 million email addresses of Twitter users that is currently up for grabs on hacking forums for about $2 worth of digital currency. Multiple cyber security researchers verified some of the leaked information, and all confirmed that the data is genuine. However, it is unknown who is behind the attack. Twitter has not commented on the multiple media reports about the data breach, which does not come as a surprise – Elon Musk is famously opposed to having active PR departments in his businesses. He dissolved Tesla’s press department in 2021, and the PR employees at Twitter were one of the first to go when he purchased the social media platform for $44 billion last year.
Emails are not the only data points included in the data leak. Cybercriminals have found other information in the lists, including phone numbers and publicly available information such as names, Twitter handles, user names, number of followers, and account creation dates. Most of those information elements are not deemed sensitive as they are public information. However, they still present a danger when tied up with an email address. Twitter has not yet shared its plan to address the potential problems from this data leak.
How does this affect you?
The fact that the list, predominantly consisting of emails, is now openly available on the dark web means that bad actors will likely start to utilize it to commit crimes. Malicious actions could include phishing campaigns, social engineering scam attempts, and brute-force attacks. Unfortunately, such lists are often what hackers need to launch successfully targeted attacks. Luckily, there are top antivirus software solutions out there that can add a second layer of security that ensures threat actors fail to reach you.
The post 200 million Twitter users had personal data stolen before Elon Musk’s takeover appeared first on Panda Security Mediacenter.