Twitter In Probe Over Data-Protection Breach Affecting Over 400 Million Users, Hacker Offers Data For Sale

In yet another incident bringing Twitter, Inc., an American social media company, to the headlines, an alleged data breach case has come to light. A hacker named "Ryushi" has sought $200,000 in exchange for the data of 400 million individuals, including some politicians and celebrities.

The 'threat actor' reportedly exploited a problem with the system, allowing computer programmes to connect to Twitter, the microblogging and social networking service provider. According to the Data Protection Commission of Ireland (DPC), it will assess the compliance of Twitter with data protection law concerning that security problem, reported BBC.

Includes Data Belonging To Public Figures

Hudson Rock, a cybercrime intelligence company, said the 'threat actor' or hacker under investigation allegedly sold the personal data of several accounts. These include well-known accounts' phone numbers, email addresses, and other contact details.

Along with public figures like pop singer Shawn Mendes, US politician Alexandria Ocasio-Cortez, model Cara Delevingne, and the former Australian prime minister Scott Morrison look to have been caught in a breach of partial data on 400 million Twitter users.

BREAKING: Hudson Rock discovered a credible threat actor is selling 400,000,000 Twitter users data.

The private database contains devastating amounts of information including emails and phone numbers of high profile users such as AOC, Kevin O'Leary, Vitalik Buterin & more (1/2). pic.twitter.com/wQU5LLQeE1

— Hudson Rock (@RockHudsonRock) December 24, 2022

Ryushi To Sell Data To Musk?

According to Ryushi, the data was compiled by taking advantage of a flaw in a system that allows computer programmes to interact with Twitter. In 2022, the problem in the system was fixed by the microblogging company. However, it is also thought that the issue was exploited in the last hack that affected more than five million accounts. The DPC declared on December 23 that it was looking into the prior incident.

Ryushi, in its post, targeted Twitter or Elon Musk and stated, "if you are reading this," you are already at risk of a GDPR penalty for over 5.4 million breaches; imagine the fine of 400 million users breach source. Your best alternative is to purchase this data "exclusively" if you want to avoid paying $276 million in GDPR breach fines, like Facebook had to (due to 533 million users being scraped)."

Also Read: Under Modified IT Rules, Three Centre-Appointed Grievance Appellate Panels To Handle Social Media Users' Complaints