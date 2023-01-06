https://sputniknews.com/20230106/hack-attack-on-twitter-reportedly-results-in-data-dump-exposing-info-of-over-200-million-users-1106076670.html

Hack Attack on Twitter Reportedly Results in Data Dump Exposing Info of Over 200 Million Users

2023-01-06

A hack attack on Twitter has reportedly resulted in a data dump exposing personal information of over 200 million users.

2023-01-06T08:27+0000

Over 200 million Twitter users' names, e-mail addresses, screen names, number of followers and phone numbers have reportedly been stolen in a massive hack attack, with the data dump now posted on the dark web.The data breach, which took place as early as 2021, “will unfortunately lead to a lot of hacking, targeted phishing and doxxing,” according to Israel-based Hudson Rock cybersecurity-monitoring firm.It added this could turn out to be "one of the most significant" data leaks yet recorded by the firm.Overall, the size of the database stolen was purportedly about 63GB, with previous reports into the alleged breach, featured in US media in December, claiming 400 million email addresses and phone numbers found their way into the hackers' hands.At the end of 2022, Alon Gal, co-founder of Hudson Rock, had warned on social media about the breach.Scraped Twitter user profiles had been harvested by threat actors and data breach collectors by exploiting the microblogging site's API vulnerability, according to Gal. After being discovered by Twitter's bug bounty program in January of 2022, in a blog post in August the company stated that the developments had followed an update to its code in June 2021, which resulted in cybercriminals taking advantage of the ensuing flaw. The hack "allowed someone to enter a phone number or e-mail address into the log-in flow in the attempt to learn if that information was tied to an existing Twitter account, and if so, which specific account", the company said at the time. Twitter claimed at the time that it had “no evidence to suggest someone had taken advantage of the vulnerability.” Now, however, a threat actor has reportedly released the data consisting of 200 million Twitter profiles on the Breached hacking forum.According to Troy Hunt, creator of breach-notification site Have I Been Pwned, the leaked cache seemed “pretty much what it’s been described as.”The reported data breach occured before Tesla and SpaceX CEO Elon Musk purchased the social network site on October 2, 2022, for $44Bln.Twitter has not offered any official comment on the recent listing of user data ostensibly for sale on the dark web.

