Over 5.4 million Twitter stolen user records are reportedly being shared for free in a well-known hacker forum Breached Forums.
Earlier this year, it was revealed that millions of user data were stolen in a massive breach at the now Elon Musk-owned social media firm.
The data stolen includes personal phone numbers and email addresses. It also contained scraped data such as Twitter ID, name, screen name verified status, location, URL, description, follower count, account creation date, friends count, favourites count, statuses count and profile image URLs.
The data was accessed via a vulnerability in Twitter’s application programming interface. The API was fixed in January but not before it had been exploited.
In July, a threat actor leaked data the stolen Twitter data, offering it for $30,000 on Breach Forum. Twitter acknowledged the breach in August, saying that it involved a “vulnerability in Twitter’s systems” and that the bug was the result of an update in June 2021.
The stolen database currently appears available for anyone to view and download, without a fee. It has apparently already been accessed by multiple hackers, who have been passing details of users around on the dark web.
