Renowned cybercrime intelligence firm, Hudson Rock has raised concerns over an alleged listing of sensitive information belonging to about four hundred million users of Twitter on a black market.
The firm mentioned in a tweet that user email addresses and phone numbers are part of the information available in the database being held by the hacker. It has therefore been described as a “credible threat.”
In the tweet which broke this information to the general public, Hudson Rock listed AOC, Kevin O’Leary, and Vitalik Buterin as part of the High profile names available in the hacked database.
BREAKING: Hudson Rock discovered a credible threat actor is selling 400,000,000 Twitter users data.
The private database contains devastating amounts of information including emails and phone numbers of high profile users such as AOC, Kevin O’Leary, Vitalik Buterin & more (1/2). pic.twitter.com/wQU5LLQeE1
— Hudson Rock (@RockHudsonRock) December 24, 2022
Please Note: At this stage it is not possible to fully verify that there are indeed 400,000,000 users in the database.
From an independent verification the data itself appears to be legitimate and we will follow up with any developments.
— Hudson Rock (@RockHudsonRock) December 24, 2022
Data subjected to independent checks
To prove that the user details available at his disposal and up for sale are genuine, the hacker released about 1000 user account details for verification.
🚨 400 MILLION TWITTER ACCOUNTS DATA HAS LEAKED!!! 🚨
⚡️ EVERY TWITTER ACCOUNT INCLUDES: email, phone number, and username!
🚨 WE GOT IN TOUCH WITH HACKER 👇 pic.twitter.com/zL2SdLrbYn
— DeFiYield 🛡️ Web 3 Security (@DefiyieldSec) December 25, 2022
DeFiYield, a web3 data security firm that ran a verification exercise on the names, has released its report. DeFiYield stated that the user information released by the hacker is valid and genuine. Going a step further, DeFiYield initiated a conversation with the hacker over messaging platform, Telegram. Here, the hacker mentioned that he was on the lookout for a buyer for the database.
Implications of data breach on users
For Twitter, a social messaging platform with a reported active monthly user of 450 million, a breach of this size can only be described as massive and one which has huge implications.
Part of the risks associated with having such sensitive data in the hands of a hacker and also online include phishing attempts that are targeted at specific users through both text and email, crypto frauds, easy access to user accounts, and the possibility of doxing private information.
Twitter’s head, Elon Musk also risks being slammed with a fine and possible sanction from the General Data Protection Regulation Agency if the hacked database leaks into public hands.
To prevent this from happening, the hacker has placed a ransom of $276 million. According to him, should the ransom be paid, the hacker has vowed to destroy the data and to also stop its sale.
South Korea warns of increased cybercrime in 2023
In a very recent development, the National Intelligence Service (NIS) in South Korea has issued a warning to the entire world over the possibility of increased cyber crimes come 2023.
This warning came as the NIS which acts as the nation’s spy agency alleged that cyber criminals funded by North Korea are in a buildup to launch massive cyber attacks in the coming year.
With crypto being at the epicenter of these possible attacks, the issued warning identified Decentralized Finance services as one of the major threats.