According to reports, private emails and connected phone numbers from accounts of 400 million Twitter users might be up for sale on the black market amid a recent hack that was revealed. Among those allegedly up for sale are the personal contact details of Mark Cuban, Kevin O’Leary, and Vitalik Buterin, co-founders of Ethereum.
400 M + Twitter accounts data is on sale, among which the most critical are username, mobile # & email. Hacker was able to provide a sample list of 1000 usernames, and I was able to verify many of them pic.twitter.com/qcrloExBUK
— Haseeb Awan – efani.com (@haseeb) December 25, 2022
Hudson Rock: Ethereum co-founders might be in trouble
On December 24, the cybercrime intelligence company Hudson Rock raised the alleged “credible threat” of selling a private database holding the contact information of 400 million Twitter user accounts.
BREAKING: Hudson Rock discovered a credible threat actor is selling 400,000,000 Twitter users data.
The private database contains devastating amounts of information including emails and phone numbers of high profile users such as AOC, Kevin O'Leary, Vitalik Buterin & more (1/2). pic.twitter.com/wQU5LLQeE1
— Hudson Rock (@RockHudsonRock) December 24, 2022
According to Hudson Rock, AOC, Kevin O’Leary, Vitalik Buterin, and other prominent users’ emails and phone numbers are among the devasting volumes of information in the private database. The threat actor attempts to coerce Elon Musk to acquire the data or face GDPR litigation in the article, where they say the data was discovered in early 2022 due to a Twitter flaw. Given the number of accounts, Hudson Rock stated that while it has not been possible to validate the hacker’s claims thoroughly, independent verification of the data itself looks real.
DeFiYield confirms the development.
DeFiYield, a Web3 security company, examined the 1,000 accounts provided by the hacker as a sample and confirmed that the information was “genuine.” Additionally, it spoke with the hacker via Telegram, noting that they eagerly await a purchase there.
If confirmed, the hack might pose a severe risk to cryptocurrency Twitter users, especially those who use aliases. Given that there are over 450 million active monthly users, several people have noted that such a massive breach is difficult to fathom.
As of this writing, the alleged hacker still has a post on Breached offering the database to purchasers. A particular call to action is included for Elon Musk to pay $276 million to prevent the sale of the data and a fine from the General Data Protection Regulation. Agency.
The hacker claims that if Musk, who recently acquired the Twitter platform after making several hints, pays the amount, they will destroy the data and ensure that it is not sold to anyone else to stop many politicians and celebrities from Phishing, Crypto frauds, Sim swapping, and other activities.
The “Zero-Day Hack” on Twitter, which involved the exploitation of an application programming interface vulnerability from June 2021 before it was fixed in January of this year, is thought to be the source of the compromised data in question. By effectively scraping sensitive information, hackers could create databases they sold on the dark web.