Using a vulnerability, a hacker stole the username, phone number and email address used by the accounts of 5.4 million Twitter users. He tried to sell this database on a pirate forum. The flaw was plugged by the social network in January.
You will also be interested
[EN VIDÉO] The Incredible Journey of Global Internet Traffic When we connect to the Internet, our data travels a very long way. An email thus travels an average of 15,000 km to reach its destination!
For 5.4 million accounts Twitterthe e-mail address of the identifier, as well as the telephone number of its owner are in a database collected by pirates. The hackers would have taken advantage of a security breach stemming from a code update in June 2021. The issue was reportedly already fixed in January following a bug bounty, but the hack dates from before according to Twitter’s own admissions. While Twitter originally stated there was no evidence this vulnerability was exploited, the site does not agree. Bleeping Computer.
According to his investigation, at least one pirate identified under the nickname “devil” would have amassed this data from more than 5.4 million accounts (5,485,636 exactly). He would even have tried to sell this information on a forum of hackers for $30,000. Among these data are those related to celebrities, companies or governmental organizations.
A security breach dating from June 2021
It was only after analyzing the data posted on the forum that the social network confirmed that this user data had been compromised. If it remains difficult to know if the leak has really impacted only 5.4 million accounts, in any case, Twitter has indicated that it will inform the users concerned.
To avoid having this type of personal data stolen, Twitter advise to activate thetwo-factor authentication. Similarly, it is best to be vigilant when receiving an email that appears to be from Twitter, especially if it asks you to click on a link to enter your credentials.
Interested in what you just read?