While Twitter was recently upset by Elon Musk’s takeover bid that withdrew its bid from the American company without suing him, the social network is now facing a major data breach. Indeed, a Twitter security breach allowed hackers to access the personal data of 5.4 million accounts.
Data including Twitter handles, phone numbers and addresses, For sale on a hacking forum for $30,000s. Therefore, the amount demanded is not very high. Earlier this year, data from a million Frenchmen went on sale for $6,000. Other hackers even managed to steal the personal data of a billion Chinese resistance fighters, which were offered for only $200,000.
The vulnerability used by hackers has been known since the beginning of the year.
In a post, Restore Privacy said that the data breach is possible as follows: A Twitter vulnerability discovered last Januaryr. At the time, the site HackerOne reported a bug that allowed an attacker to decrypt a Twitter member’s phone number and/or email address, even if they had hidden those fields in the settings.
The error is said to be caused by the authorization process used in Twitter’s Android client, specifically in the process of verifying duplicate Twitter accounts. In the post, the user also explained how the defect can be reproduced. Twitter finally acknowledged the vulnerability as a “legitimate security issue” and HackerOne offered a $5,040 reward to its researcher As part of the Bug Bounty program.
lucky for usersdatabase for sale doesn’t seem to contain passwords. In any case, we remind you that your personal data circulates everywhere on the Web every day and is auctioned on average 376 times a day.
Source : Restore Privacy
