Twitter Data Breach: Private Data for 400M Users Posted for Sale Including Phone Numbers

A user that goes by the name of Ryushi posted a portion of the data on Breach Forum that includes celebrity phone numbers and emails.The data was apparently scraped due to an API vulnerability in twitter reported late last year.He claims he will sell the data exclusively to Elon Musk / Twitter otherwise they will have to pay a large fine due to the European privacy law GDPR when it is released publicly.Twitter or Elon Musk if you are reading this you are already risking a GDPR fine over 5.4m breach imaging the fine of 400m users breach. Your best option to avoid paying $276 million USD in GDPR breach fines like facebook did (due to 533m users being scraped) is to buy this data exclusively.Data Includes: Email addresses, Names, Usernames, Numbers of Followers, Profile Creation Date, Phone Numbers.

Best practice when using twitter is to not link a phone number to your account. If you must connect a phone number to an online account, use a number not tied to your legal identity. Twitter’s new blue check feature requires a verified phone number and blocks known burner numbers resulting in verified accounts being much more vulnerable to these types of compromises.

Breach Forum Post

Leave a Reply

Your email address will not be published. Required fields are marked *