Hot on the heels of the Twitter data leak that we first reported in July, there appears to be another data leak being sold online — but this time, the breach allegedly contains over 400 million Twitter users.
In what appears to be yet another privacy blow to Twitter, a hacker is now selling data allegedly from 400+ million Twitter users.
In the hacker forum ‘Breached’, the hacker explained that the data was acquired in 2021 and early 2022. This timeframe lines up with the Twitter data leak of 5.4 million users that we first reported here in July.
It is not yet clear, however, if the data was obtained via the same vulnerability as before with the 5.4 million accounts.
The seller’s post on the Breached forum.
As to the legitimacy of the data, which is always a big question when dealing with threat actors, everything appears to check out.
A few of the leaked “celebrities” and notable users in the sample include:
Alexandria Ocasio-CortezKevin O’LearyDonald Trump JuniorBrian Krebs (and many more) Analysis and verification of data sample
We examined the data sample of 1,000 users that was released via a third-party file-sharing website. When cross-checking Twitter users in the sample with publicly available information, the data appears to be authentic.
Part of the data sample of 1,000 verified Twitter users.
Furthermore, the hacker is also requesting to go through a middleman service via the forum’s owner Pompompurin and/or admin user. This further bolster’s the claims.