A Twitter Bug Allowed Hackers To Get Data Of 5.4 Million Users

Recently, a vulnerability in Twitter’s databases has led hackers to get access to the personal data of 5.4 million users. Reports claim that thousands of Twitter accounts are put up for sale on the dark web at a price of $30,000.

This Twitter Bug Leaves Your Personal Data Accessible To Anyone

Twitter’s vulnerability was discovered in January 2022.  At the start of this year, it was reported that a Twitter bug left personal data including users’ phone numbers and email addresses, of millions of users susceptible to being accessed by anyone. As a result of this Twitter bug, account details of more than five million Twitter users are being sold on the dark web for $30,000. The threat named“devil” is selling data of 5.4 million users, apparently obtained by exploiting the vulnerability.

Twitter apparently patched the hole and even compensated the person “Zhirinovsky” that found it, by giving $5,040. He had written in a post that:

“The vulnerability allows any party without any authentication to obtain a Twitter ID (which is almost equal to getting the username of an account) of any user by submitting a phone number/email even though the user has prohibited this action in the privacy settings. The bug exists due to the process of authorization used in the Android Client of Twitter, specifically in the process of checking the duplication of a Twitter account.” 

The malicious attacker also shared a sample of data from the database on Breached Forums, which has been independently verified by the publication. According to the latest reports, “devil” is still live on the platform. Furthermore, it alleges that the dataset includes “Celebrities, to Companies, randoms, OGs, etc.”

On the other hand, Twitter is also bringing new features and changes to its users. We have come to know that the company will soon be going to introduce status tags, including emojis and new tags to the tweets. If you want to know more about it then click here.