Twitter: Hacker Offers Over 200Million Stolen User Details For Free

Elon Musk Announces Final Date For Removal Of Free Twitter Verification
Elon Musk Announces Final Date For Removal Of Free Twitter Verification

Elon Musk’s recently acquired platform Twitter has suffered another hack, with over 200 million user details compromised, and has been distributed for free on a hacker’s forum.

According to Bleeping computers, the hacker who stole the details by exploiting a Twitter API vulnerability in 2021, which contained email addresses used to set up accounts, has now been offered for as low as $2 on a popular hacker’s forum. This latest hack is believed to give rise to an influx of anonymous identities expected to be linked to real-world identities through stolen emails and according to reports by the Washington Post, 235 million user details were hacked this time around.

BBC reports disclosed that although it is yet to confirm the data leaks and verify the information contained in the leaked details, the supposed hacked data may contain duplicate or fake information. However, Alon Gal, a cybercrime expert who works for Hudson Rock, disclosed that the leak contains cybercrime significant data of more than 200 million email addresses.

Mr. Gal told the BBC that this would “unfortunately lead to a lot of accounts getting hacked, targeted with phishing, and doxxed”, he also added that “This database is going to be used by hackers, political hacktivists and of course governments to harm our privacy even further”.

While Bleeping Computers was able to confirm that they downloaded the hacked data which contained email addresses and it matched a list of Twitter user profiles.

This is not the first time hackers have breached the security of the social media platform, as it is one of the social platforms in which hackers have continued to have a field day attacking their database and stealing users’ details.

Twitter users are advised by  Bleeping Computers to be on alert to monitor and report targeted phishing scams that attempt to steal users’ sensitive information and passwords.