To show that the said data for sale is real, the hacker made available over 1,000 sample data entries. This includes the usernames, follower count and other regular data of some affected accounts. The hacker also showed off some email addresses, phone numbers, and other personal information of some users. But how did Ryushi access this amount of user data on Twitter? In light of this security breach, is your data safe on Twitter? These are just some questions that cross the minds of Twitter users around the world.
Delving into the new data breach affecting over 400 million Twitter users
After accessing the data of over 400 million Twitter users, Ryushi is ready to sell. The hacker’s target buyer is Twitter, and he requests the sum of $200,000 to sell the data and delete the thread they put up on the Breached hacking forum. Ryushi also threatens that they would sell this data to other buyers at $60,000 each if Twitter fails to purchase the user data. The hacker says that Twitter’s “best option to avoid paying $276 million USD in GDPR breach fines” is to buy the data they are selling. This statement aims at scaring Twitter into buying user data exclusively from Ryushi. Already, Meta-owned Facebook is facing a similar fine from the European Union. But, how was Ryushi able to gain access to the private data of over 400 million Twitter users? Well, experts say that the data in question was captured in the year 2021 using an API vulnerability. A fix to the vulnerability in question became available months ago. So the data in the possession of Ryushi isn’t new, but still poses a threat to Twitter users. If the data gets into the wrong hands, millions of Twitter users around the world will be targets for scam attacks. Twitter is yet to respond to the hacker regarding the purchase of the data of over 400 million users.