Twitter is facing re-evaluation after a hacker claimed they have data from 400 million accounts

Posted on January 1, 2023 at 9:13 PM

Twitter is facing re-evaluation after a hacker claimed they have data from 400 million accounts

January 2023 kicked off with a scandal involving Twitter, where a hacker emerged with claims of having data that belongs to 400 million accounts. According to the hacker, they can either destroy the data, or hand it over. In exchange for a more preferable outcome, the hacker demands a $200,000 payment.

For the moment, the hacker is known only as Ryushi, and they have request a $200,000 payment in exchange for the data. According to some reports, the data might even include details involving certain celebrities.

Given the size of the stolen data, this is being treated as a massive security concern, which led the Data Protection Commission of Ireland to get involved with the matter. The DPC stated that it intends to evaluate Twitter’s compliance with data protection rules, and assess if the company is compliant with the relevant regulations.

For the time being, Twitter itself did not comment on the hacker’s claim, and it did not say what it plans to do about the request.

What does the data actually include?

According to the hacker, the data that they stole is quite extensive, and it includes personal information, including emails and phone numbers, some of which belong to major celebrities, politicians, and other public figures. It is worth mentioning that the size of the haul remains unconfirmed, apart from the hacker’s own word.

So far, they have released a small sample of it to the public, in order to prove that the claim is genuine. According to the BBC, the released data includes information belonging to the US Congresswoman Alexandria Ocasio-Cortez. Reports also indicate that the data includes information belonging to the broadcaster, Piers Morgan. Morgan also had his Twitter account hacked recently, so the fact that his information is involved might not be much of a surprise.

The awareness of the hacked data sale was initially raised by the cybercrime intelligence firm, Hudson Rock. The company’s CTO stated that there are numerous clues that support the hacker’s claims, apart from the sample itself.

The chief technology officer also hinted towards a different breach seen in March last year, but he noted that this data appears to be a product of a different security breach. The March breach resulted in the publication of data belonging to 5.4 million Twitter accounts. However, if the hacker’s claim is correct, the March data dump might be only a small fraction of the data that was stolen this time.

The hacker addressed Twitter and its CEO

According to the hacker, the stolen data was collected thanks to a problem with Twitter’s system. They were able to take advantage of the problem and breach Twitter’s defenses. The flaw in the system allows computer programs to connect to the social platform.

Earlier, on December 23rd, the DPC said that it was investigating a Twitter breach. Whether this is the same breach as the one that DPC was (and might still be) investigating, remains unknown. However, according to the hacker, they are well aware of the damage that selling or dumping this data can do.

So far, many have tried to reach out to Twitter, as well as Elon Musk, the company’s new CEO. Until now, Musk has been very active on the platform, but he failed to reply to the tweets requesting his comment. One such inquiry came from the leading cyber-security reporter, Brian Krebs, who noted that the breach likely took place even before Musk took over.

However, the BBC report also says that the DPC has engaged with Twitter in this inquiry. As for the hacker, they offered Twitter the opportunity to purchase the data “exclusively,” in order to prevent anyone else from getting it.

Ryushi even told Twitter and Musk that they are risking a GDPR fine due to the March breach, inviting them to “imagine the fine of 400m users breach source.” He added that Twitter’s best option to avoid paying $276 million in GDPR breach fines (like Facebook did) would be to pay $200,000 to Ryushi directly.

Summary
Twitter is facing re-evaluation after a hacker claimed they have data from 400 million accounts
Article Name
Twitter is facing re-evaluation after a hacker claimed they have data from 400 million accounts
Description
January 2023 kicked off with a scandal involving Twitter, where a hacker emerged with claims of having data that belongs to 400 million accounts. According to the hacker, they can either destroy the data, or hand it over. In exchange for a more preferable outcome, the hacker demands a $200,000 payment.
Author
Publisher Name
Koddos
Publisher Logo

Share this:

Related Stories:

Newsletter

Get the latest stories straight
into your inbox!

YOUTUBE

Discover more from KoDDoS Blog

Subscribe now to keep reading and get access to the full archive.

Continue reading