A threat actor has recently uploaded a massive database of Twitter user records to the dark web, containing over 5.4 million records of private information held by the social media giant. Reports indicate that the leak stems from an API flaw that was fixed last January, with hackers finding another way to abuse it.
Additionally, the threat actors did not stop abusing the flaw: another set of 1.4 million Twitter user profiles was subsequently dumped to a select group of recipients. This second leak contained scraped public Twitter data, such as contact numbers and email addresses.
Last July, headlines were flooded with news about a threat actor selling a database of over 5.4 million Twitter users on an underground forum for $30,000. The social media giant confirmed the incident, stating that it stemmed from a Twitter API bug supposedly fixed last January.
‘Pompompurin,’ the dark web hacking forum owner, has claimed responsibility for the Twitter bug exploitation and the massive database dump.
According to the investigation of the incident, a threat actor dubbed ‘Pompompurin’ said they were responsible for abusing the Twitter bug, which allowed them to dump millions of Twitter records online. Pompompurin also shared that another malicious entity known as ‘Devil’ had disclosed the vulnerability to them, which gave them the access needed to collect the data.
The recently leaked Twitter database contained millions of user records, including Twitter IDs, full names, screen names, locations, verified status, account URLs, follower and following counts, account creation dates, profile photos, and more.
Experts warn that the second data dump, obtained using the same Twitter API flaw, contained another huge set of users’ critical records, which indicates how wide the breach is. They added that verifying samples from the second data dump confirmed that it is real and must be taken seriously.
Because of this grave data breach, users of the social media platform are advised to be wary of potential cyberattacks that could target them, including phishing, scams, account hacking, and identity theft.
Users must first verify all emails, text messages, or calls that claim to come from Twitter, as these can be the work of a hacker attempting to steal more of their information or, worse, their finances.
Security researchers have been contacting Twitter for a statement, although the firm has yet to release any comment. Our team at iZOOlogic will share updates about this report as soon as new developments arise.