Back in December, the hacker demanded $200,000 to return the breached data, but warned that if their conditions are not met, they will release the data for free.
After a breach exposed 400 million users’ private information in the last week of December 2022, 200 million Twitter users’ private information, including their email addresses, was put up for sale.
The hacker behind the December breach had earlier demanded $200,000 from Twitter in a bid to return the stolen data and warned if the demand is not fulfilled, the data will be released for free. The latest set of data posted on the hacker forum has been traced back to the same breach from December 2022.
IMPORTANT UPDATE ON THE TWITTER HACK: https://t.co/05z8gQm9ZW pic.twitter.com/8sGpIMuOeN
— Hudson Rock (@RockHudsonRock) January 3, 2023
Researchers at Privacy Affairs confirmed that the leaked data set on the hacker forum is the same from December. The 200 million number, in this case, resulted from the removal of duplicates. The released data set doesn’t contain phone numbers. The researchers warned that these data sets could be used to initiate social engineering or “doxing” campaigns.
The data set was originally 63GB, but after removing duplicates and compressing the files, the size of the latest data set was reduced to 4GB and free to download.
The hacker also noted that the analysis of original file dates and account creation dates “strongly suggest” that this was collected from early November 2021 through December 14, 2021.
Many users on Twitter demanded that the social media platform looks into security as these hacks put activists and whistleblowers in danger.
I went to change my email address and Twitter isn’t working. This hack puts activists and whistleblowers in danger. https://t.co/5SrSejgvO6
— Ian Linkletter (@Linkletter) January 5, 2023
Some of the popular and known names and entities include Sundar Pichai, Donald Trump Jr., SpaceX, CBS Media, the NBA and the WHO. The data breach vulnerability has been patched now. But, tracing back to the hack, it seems the same vulnerability was used for another exploit in July 2022.