The private data of 400m Twitter users including Ethereum co-founder Vitalik Buterin, Charlie Puth and Sundar Pichai, and many more are reportedly up for sale in the black market. The data sample provided by hackers includes sensitive data like emails and phone numbers.
Hudson Rock, a cybercrime intelligence firm, tweeted about this bonafide threat on December 24th in which someone was selling the private data of 400 million Twitter User accounts.
Hudson Rock stated that the database contains a dreadful amount of private data which includes emails and phone numbers of high-profile personalities like Alexandria Ocasio-Cortez, Vitalik Buterin, Kevin O’Leary, and many more.
Hudson Rock further wrote that the threat actor tries to coerce Elon Musk into buying the data or risk GDPR lawsuits by claiming the data was obtained in early 2022 as a result of a Twitter vulnerability.
However, it is not fully confirmed that the database contains 400 million users. The data itself seems to be authentic according to an independent check, Hudson Rock added, we will follow up.
Web3 security firm DeFiYield also looked at the 1000 accounts sample and verified the data as ‘ Real’. They communicated with the hacker via Telegram and stated that they are actively looking for a buyer.
However, some users denied believing such a large-scale breach. They highlighted that Twitter currently has around 450 million monthly active users.
The alleged hacker mentioned a call to action for Elon Musk in the ad. He asked Musk to pay $276 million to avoid the data being sold. If Musk pays the ransom, the hacker claims the data will be deleted and will not be sold to anyone else.
Threats of such information being leaked online include targeted phishing attempts via mail and SMS, SIM swap attacks to gain access to bank accounts, and doxing.