The 400 million Twitter user data breach includes data of some well known personalities

Among the 400 million Twitter users whose information was compromised and is now for sale are famous people. Among them are the pop singer Shawn Mendes, the model Cara Delevingne, the US politician Alexandria Ocasio-Cortez, the businessman Kevin O'Leary, the British media personality Piers Morgan, and the former Australian prime minister Scott Morrison. Last Monday, a someone using the alias "Ryushi" who appears to be a cybercriminal shared a sample of data. The recent hacking of British broadcaster Piers Morgan's Twitter account, according to The Guardian, was "likely not a coincidence," according to a cybersecurity firm that was informed of the claim. And yes, it is accurate given that Morgan was also referenced in the hacker's data samples. [caption id="" align="aligncenter" width="1280"] Image credit - Times of India[/caption] According to reports, Morgan's Twitter account posted hate speech and profanity directed towards the late Queen and British musician Ed Sheeran. However, the majority of the content had been removed. The only account identified as having been compromised in the attack was Morrison's official email address, which had previously been made public. The lack of his phone number may have limited the amount of the damage. The hacker claims that all the data includes the emails and phone numbers of famous persons, politicians, corporations, regular people, and many unique and odd identities. An purported flaw in Twitter's platform allowed for the scraping of the data.

BREAKING: Hudson Rock discovered a credible threat actor is selling 400,000,000 Twitter users data. The private database contains devastating amounts of information including emails and phone numbers of high profile users such as AOC, Kevin O'Leary, Vitalik Buterin & more (1/2). pic.twitter.com/wQU5LLQeE1

— Hudson Rock (@RockHudsonRock) December 24, 2022

In an effort to save Twitter money and help it comply with the EU General Data Protection Regulation (GDPR), a hacker suggested selling Twitter "exclusive" data for $200,000. In November, the material was made available to the public. Since nobody knew how many users had been affected by the vulnerability at the time, there were rumours that this was only the start of the problem's severity. Three days prior, Hudson Rock, an Israeli cyber-intelligence organisation, published online about the "credible danger," claiming to have been among the first to find the post containing the information of 400 million Twitter users. [caption id="" align="aligncenter" width="1600"] Image credit- Mint[/caption] A weakness in Twitter's application programming interface (API) services was discovered in January, allowing users to determine which accounts were connected to which emails and phone numbers. In August, Twitter recognised this. An attacker might gain access to previously inaccessible data, like the private phone numbers and email addresses of well-known individuals, by exploiting the bug. This violation resulted from a change made to Twitter's code in June 2021. However, Twitter found in July 2022 that a hostile user had exploited the issue before it was fixed, which led to the deployment of a patch. The case came after an attempt to sell the contact details, including phone numbers and email addresses, of 5.4 million people. Twitter has pledged to alert anyone who has been identified as a hacking victim.