Security researchers report that 400 million potentially genuine Twitter accounts with email addresses and phone numbers are up for sale.
(Image: Tada Images/Shutterstock.com)
The Israeli security researcher Alon Gral came across a post in a relevant forum that he classifies as trustworthy. The post addresses Twitter owner Elon Musk directly and offers the data of 400 million Twitter accounts for sale – allegedly to forestall punishment by privacy advocates. The samples from 1000 data sets should show that the data is authentic. They contain data from a number of celebrities, including Apple veteran Steve Wozniak and US security reporter Brian Krebs.
Probably known software vulnerability exploited
The data is said to have expired in early 2022. It is therefore suspected that the perpetrators exploited a loophole confirmed by Twitter in August 2022. The company has not yet provided any information on the current incident. A recent verdict by Irish data protection officials against Meta for scraping on Facebook suggests that the data leak could be expensive for Twitter. They demand 265 million euros as a penalty.
The gap comes in an unfortunate phase for Twitter: the company loses massively in value after the takeover by Elon Musk and his clumsy measures, and users are looking for alternatives. The number of accounts is plausible. According to current statistics, Twitter had around 360 million active users in 2021 and 2022.