CloudSEK researchers have found a data dump comprising the email addresses of over 200 million Twitter users offered for 8 forum credits on a famous hacker forum, which was earlier advertised for USD 200,000. The affected fields include email address, name, screen name/username, account creation date, and follower count.
“The vulnerability in Twitter’s API, enabled threat actors to input phone number/email address to retrieve the Twitter user ID which in turn enables data scraping,” said a CloudSEK researcher. On January 4, 2023, a new user on the forum with the username StayMad, leaked the affected Twitter user database containing over 200 million records that was earlier being offered for USD 200,000 by the threat actor with username Ryushi at the same English-language speaking cybercrime forum.
Analyzing the forum post, it was observed that the count of compromised records was found to be over 200 million as compared to the announcement made on December 23, 2022 stating that 400 million records were gathered, the reason being the presence of duplicate records.
The threat actor shared two files, one of which displayed the user account data scrape, found to be from over 221 million Twitter accounts and the second file displayed the scraped data, from over 100,000 verified accounts.
CloudSEK is a contextual AI company that predicts Cyber Threats. At CloudSEK, we combine the power of Cyber Intelligence, Brand Monitoring, Attack Surface Monitoring, Infrastructure Monitoring and Supply chain to give context to our customers’ digital risks.
