Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Twitter Security

Twitter Data Breach Exposes Contact Details for 5.4M Accounts, on Sale for $30K (9to5mac.com) 22

9to5Mac reports: A Twitter data breach has allowed an attacker to get access to the contact details of 5.4M accounts. Twitter has confirmed the security vulnerability which allowed the data to be extracted. The data — which ties Twitter handles to phone numbers and email addresses — has been offered for sale on a hacking forum, for $30,000... There is as yet no way to check whether your account is included in the Twitter data breach.
More details from the Restore Privacy security news site: A verified Twitter vulnerability from January has been exploited by a threat actor to gain account data allegedly from 5.4 million users. While Twitter has since patched the vulnerability, the database allegedly acquired from this exploit is now being sold on a popular hacking forum, posted earlier today.... The seller on the hacking forum goes by the username "devil" and claims that the dataset includes "Celebrities, to Companies, randoms, OGs, etc."
This discussion has been archived. No new comments can be posted.

Twitter Data Breach Exposes Contact Details for 5.4M Accounts, on Sale for $30K

Comments Filter:
  • You, Random user! (Score:5, Insightful)

    by YrWrstNtmr ( 564987 ) on Saturday July 23, 2022 @01:44PM (#62727588)
    You are continually admonished to secure your private data and account details. Strong passwords, VPN, encryption...
    We take great pains do this.

    Meanwhile, those who we entrust these details to, not so much.
    • by shanen ( 462549 )

      Nice FP, but hey, as long as they're making a profit, it's all good.

      Now you just have to convince me that Twitter has EVER made a profit. Or that the share prices have ANY relationship to reality. Down to two decimal places? In a flying pig's eye.

      Gosh, I hope Musk loses a LOT of money for his stupid head games with Twitter. I don't like gamblers, even lucky ones, and that's all I think Musk really is. He's not an idiot, but all of his supposedly original ideas are old ideas, mostly from old SF. If he has an

  • by Alain Williams ( 2972 ) <addw@phcomp.co.uk> on Saturday July 23, 2022 @01:50PM (#62727602) Homepage

    There is as yet no way to check whether your account is included in the Twitter data breach.

    Buy it. That will tell you if your account is in there.

    • Buy it. That will tell you if your account is in there.

      Nah, there's usually better deals on data breaches as we get closer to Black Friday. You wouldn't want to overpay in this economy.

      • Nah, there's usually better deals on data breaches as we get closer to Black Friday. You wouldn't want to overpay in this economy.

        I usually watch the paper for coupons.

  • My spam e-mail address possibly leaked and it might get more spam now? The horror. People actually sign up for things like Twitter using their main accounts? This is why throwaway e-mail addresses and Google Voice numbers exist, people.

    • Exactly. If I don't know you or don't trust you, you don't get my real e-mail address. That's just basic common sense.
      • by shanen ( 462549 )

        No defense when someone you know gets pwned. Sad reference to We Are Anonymous about the crazy abuses of anonymity. Even worse when it's for LULZ rather than cash?

    • by ls671 ( 1122017 )

      Last time I checked, twitter didn't accept Goggle voice numbers. I must have 15 VoIP phone numbers, none of them worked either with twitter. It seems like you need a phone number from a real cellular provider. YMMV.

  • With that database you could set up a darknet site that sells records starting at $100 in cryptocurrency per user (scaling up with follower count), at that price it would take at most 300 sales to break even, which should happen within a week from the deluge of requests from smaller authoritarian governments. You could also offer to take a larger payment proportional to the user's twitter following to block access to the user's records permanently. Some more people would get Khashoggi'd as a result of this, but you don't make that kind of money doing honest work...

  • Goddammit, there's another breach I missed out on by not having a Twitter account. :(

    • Does this help Elon weasel out of his shotgun wedding? He was all gung ho until folks started raising yellow flags like why no other big investors think worth so much. For that scratch just make a new one for less. Call it Tweaker or something.
  • That's a lot of money for a list of bots!

  • Ha, I just realized Twitter stopped pestering me for a phone number about six months ago.

    The weird thing is I gave it to them c. 2008 because it was a web to sms gateway. I guess they lost it at some point. Further inspiring.

A computer scientist is someone who fixes things that aren't broken.

Working...