Twitter acknowledged earlier this year that the personal data of 5.4 million individuals had been taken as a result of an API breach, but the company said there was “no evidence” that the security flaw had been used. According to a report by BleepingComputer, all of those accounts have since been made public on a hacker forum. Additionally, Twitter profiles of almost 1.4 million hacked users were supposedly shared secretly, and the same flaw may also have led to a broader data leak containing the personal information of “ of millions” of other users.
These pointers are designed to keep you and your equipment safe from viruses, hackers, and other threats. Only a few topics are covered here, but there are many more similar safety measures you can take. Before registering for any goods or services, you should always do some research to make sure they are safe for you and your family. And always remember to Google an email or website IP if something about it appears odd, such as if it sounds too good to be true (like a website offering Baskin Robbins discounts). Doing this before reading the site’s material will help you determine whether it is legitimate.
The Database Contains Personally Identifiable Information (PII) of Twitter Users
If you’re not familiar with the concept of “personal information,” it means any data that can be used to identify a specific person. Your contact details, for instance, are sensitive data. In the case of this data breach, the intruders exploited a flaw in Twitter’s application programming interface (API), which gave them unrestricted access to customer names, emails, and contact numbers.
Because the dataset also contained more sensitive personal information such as credit and credit card numbers, it is critical that businesses like Twitter take all reasonable steps to protect the privacy of their users. The company claims it started working hard to address its security flaws as soon as it learned about this occurrence from outside sources, such as Reddit users who claimed to have seen tweets from providers is required them or other close friends/family relatives who following them on Twitter!
Leaked Database Exposes All Private Information
According to a TechCrunch story, the database holds a variety of personally identifiable information about Twitter accounts, including email addresses, mobile numbers, and even the usernames of their former and present relationships. Users’ personal cell phone numbers and email addresses were exposed as a result of the breaches, and these might be exploited for scams and other fraud. It might be possible to use that data to identify the individuals behind secret Twitter accounts. As always, be extremely cautious of any shady emails or texts pretending to be from Twitter. Additionally, if you’ve been considering enabling two-factor authentication, this would be an excellent moment to do so.
More than 5 billion dollar usernames, passwords, and corresponding email addresses are all included in the compromised accounts. The data was gathered via an automated scraping program run by Dataminer, a third-party vendor that provides financial services firms (like Barclays) with real-time insights into user sentiment on social media sites like Twitter and Facebook. It’s unclear how long Dataminer’s software tool will scrape all of this data, according to TechCrunch.
Hackers Start Phishing Scams
Even if it doesn’t appear to be crucial information, hackers may use it to carry out phishing scams or perform other forms of identity theft.
The first person to report such a data leak was Troy Hunt, the military analyst and owner of the website Have I Got Up and return. He observed that up to 2 million user records were made publicly available in plaintext form on each of Skydrive or Coursera (i.e., without encryption).
According to Gordon’s blog post on the event, LinkedIn distributed around 1.7 billion documents on its website prior to limiting access for those who weren’t a part of its professional network. It is possible to download the files straight from the website’s pages, or to run into a certificate authority-related error while trying to access them.
Attacks on popular accounts using SIM-swapping techniques are also becoming more likely. Strangely, telecoms are among the organisations that need to step up their security efforts in this area, since their attention, or lack thereof, can make the difference between an incident and a disaster.
Also keep in mind that if you tried to remain anonymous on Twitter, correlations between your email and phone on other platforms may reveal your identity. As a result, if you made any statements that you are not ready to be associated with right now, think about how to handle a scenario in which this might be revealed. If you expressed political views on the platform and are in a situation where this may reflect poorly on you,
Users Should Be Careful
If users receive any more questionable emails or texts, they should exercise caution because they can contain links they shouldn’t click on.
It’s crucial to be cautious if you get any shady emails or texts. The links can lead to malware, which might damage your computer and steal sensitive data such as card numbers and login details. It is essential to install reputable malware removal software, such as that recommended by the Safetydetectives team. One way to make sure that the sensitive and personal data you used to set up an account on any given website can’t help a threat actor break into other accounts you’ve made is to use a master password to maintain a strong, distinct password for each website.
Don’t click the link if you receive an email that seems to have been sent by someone you know but has an odd subject line or strange formatting (such as all uppercase characters). It might lead to malicious software created to infect your device, gather your data, and transmit it back out over the network to be sold on dark web platforms like Hansa Market or Made a lasting Market.
When the Data Was Leaked
An attempt was made to steal the data of millions of Twitter users in December 2024, and the social media platform acknowledged the theft in January 2024.
The data was purchased for $30,000 on a community, and as of November 2024, the exact stolen data is still accessible online.