News Technology What is wrong with Twitter? 200 mn users' data leaked and sold for $200K on Dark Web

What is wrong with Twitter? 200 mn users' data leaked and sold for $200K on Dark Web

On January 4, a new user on the hacker forum with the username StayMad, leaked the affected Twitter user database containing over 200 million records, which was earlier being offered for $200,000 by the threat actor with username Ryushi at the same English-language speaking cybercrime forum.

Twitter Image Source : PIXABAYTwitter

Cyber-security researchers have found a data dump comprising over 200 million Twitter users, that was earlier being sold for $200,000.

ALSO READ: Why did Twitter shut down the 'Moments' feature?

The data, including email address, name, screen name/username, account creation date and follower count was offered for 8 forum credits on a famous hacker forum, that amounts to $200,000, according to the team from AI-based cyber-security firm CloudSEK.

ALSO READ: Is Twitter working on upgrading the character limit per tweet from 280 to 4000?

"The vulnerability in Twitter's API, enabled threat actors to input phone number/email address to retrieve the Twitter user ID which in turn enables data scraping," said a CloudSEK researcher.

ALSO READ: Twitter bans 48,624 accounts in India because of policy violations

Last month, a hacker claimed to have stolen the data of nearly 400 million Twitter users and put it up for sale on the dark web.

On January 4, a new user on the hacker forum with the username StayMad, leaked the affected Twitter user database containing over 200 million records, which was earlier being offered for $200,000 by the threat actor with username Ryushi at the same English-language speaking cybercrime forum.

According to CloudSEK researchers, it was observed that the count of compromised records was found to be over 200 million as compared to the announcement made on December 23, 2022, stating that 400 million records were gathered, "the reason being the presence of duplicate records".

The threat actor shared two files, one of which displayed the user account data scrape, found to be from over 221 million Twitter accounts and the second file displayed the scraped data, from over 100,000 verified accounts, the researchers noted.