Skip to main content

Twitter Hacked - Hackers GDPR threat to Elon Musk We have data of 400 million Twitter user


Hackers ‘GDPR’ threat to Elon Musk: We have data of 400 million Twitter users

A hacker has claimed that he has obtained the data of 400 million 

Twitter

 users and is asking the company CEO 
Elon Musk

 to buy it so that he can avoid a fine from the EU for 

GDPR

 data breach. The threat actor has also provided a sample of data as a proof and claims that it includes emails as well as phone numbers of celebrities, politicians, among others

How did the hacker get private data

The seller, who is reported to be a member of data breach forums named 

Ryushi

, claims that he/ she got them by exploiting a vulnerability. The hacker says the private data includes emails and phone numbers of people of clout.

Alon Gal, co-founder and CTO at Hudson Rock cybersecurity company, posted the details of the hack on LinkedIn

Hacker wants to sell data to Musk

Reportedly, the seller is trying to strike a deal with Twitter CEO Musk to buy the data to avoid GDPR lawsuits.

Twitter or Elon Musk if you are reading this you are already risking a GDPR fine over 5.4m breach imaging the fine of 400m users breach source. Your best option to avoid paying $276 million in GDPR breach fines like facebook did (due to 533m users being scraped) is to buy this data exclusively,” an purported message from the hacker reads.

Irish DPC probing Twitter data leak

The news comes a few days after the 

Irish Data Protection Commission

 (DPC) launched an investigation into a Twitter data leak that affected over 5.4 million users worldwide.

The DPC, having considered the information provided by TIC regarding this matter to date, is of the opinion that one or more provisions of the GDPR and/or the Act may have been, and/or are being, infringed in relation to Twitter Users’ personal data," read the December 23 announcement by Data Protection Commission.

As per a report by Bleeping computer, the previous breach was found in late November and data was stolen when hackers exploited an API vulnerability that Twitter fixed in January.

Pompompurin, the owner of the Breached hacking forum, was cited as saying that there was another data set of 1.4 million Twitter profiles that was not sold but was only shared among a few people. Pompompurin is also reported to have offered escrow service for the sale.

Claims to also have Twitter data of Google CEO and Bollywood actors

Some reports also claim that the hacker is attempting to sell the data, which contains the personal data (such as phone numbers and email addresses) of prominent Twitter users, including Alphabet and Google CEO Sundar Pichai, Bollywood actor 

Salman Khan
,
Ministry of Information and Broadcasting of India

, Musk-owned SpaceX, CBS Media, Donald Trump Jr., American politician Alexandria Ocasio-Cortez, among others.

Sunny Nehra
·
Dec 26
@sunnynehrabro
·
Follow
Now again a threat actor is claiming to sell 400 M twitter user’s info seemingly fetched using this same flaw

That time Chad Loder and other experts had argued that this flaw was used by more threat actors to collect even more massive data (Chad was banned soon after that tweet)
Sunny Nehra
@sunnynehrabro
1/ A threat actor on a forum is selling data of 5.4 Million Twitter user’s data for $30,000

The threat actor claims that he/she got this data via a vulnerability in Twitter.

A thread šŸ§µ on my analysis and opinions about this breach claim (if it’s real or not).

#cybersecurity

Sunny Nehra
@sunnynehrabro
·
Follow
2/ Twitter had accepted that the said API flaw was abused in the wild but it’s high time now that they also confirm how many exact users and who all were infected (alert all those users). We can’t wait for some or other new dumps related to the same flaw getting leaked with time.

Meanwhile, ethical hacker Sunny Nehra says that hackers may dump more data acquired by exploiting the same vulnerability.
#breakingnews #world #worldnews #america #usa #india #ukraine #russia #usanewstoday #indianews #hotnews #bollywoodnews #bollywood #hollywood #hollywoodnews #afganistan #pakistan #pakistannews #usalive #usalivestream #uk #russialive #indialive #indian #elonmusk #elon #motivation #motivational #motivationalvideo #motivationalquotes

Comments

Post a Comment

Popular posts from this blog

Flipper Zero explained: What to know about the viral hacker tool ( Professional Hacker Used this toll

Flipper Zero explained: What to know about the viral hacker tool ( Professional Hacker Used this toll Flipper Zero explained: What to know about the viral hacker tool The hacking tool blew up on TikTok. Unlike other TikTok trends, it is a powerful tool that can be used by serious pen testers and a learning device for new hackers. Ben Lutkevich, Technical Features Writer Published: 02 Mar 2023 Wireless signals are everywhere. Phones, Wi-Fi networks and bank cards are just a few technologies that use wireless signals to communicate. Hacking them typically requires some cybersecurity knowledge, but Flipper Zero makes it a cinch. Flipper Zero is a toy-like portable hacking tool. The multi-tool is marketed to "geeks," red team hackers and pen testers to expose vulnerabilities in the world around them, like a cybersecurity X-ray. The tool is open source and completed a successful Kickstarter in 2020. The tool gained popularity o...
Post a Comment
Read more

The Information Technology Act, 2000 (also known as ITA-2000, or the IT Act) (: Cyber Crime Lows :)

The Information Technology Act, 2000 (also known as ITA-2000, or the IT Act) (: Cyber Crime Lows :) The CitationInformation Technology Act, 2000Enacted byParliament of IndiaEnacted9 June 2000Assented to9 June 2000Signed9 May 2000Commenced17 October 2000Introduced byPramod Mahajan Minister of Communications and Information TechnologyAmended byIT (Amendment) Act 2008 The bill was passed in the budget session of 2000 and signed by President K. R. Narayanan on 9 May 2000. The bill was finalised by a group of officials headed by the Minister of Information Technology Pramod Mahajan 68Failure/refusal to comply with ordersImprisonment up to 2 years, or/and with fine up to ₹1,00,00069Failure/refusal to decrypt dataImprisonment up to seven years and possible fine.70Securing access or attempting to secure access to a protected systemImprisonment up to ten years, or/and with fine.71MisrepresentationImprisonment up to 2 years, or/and with fine up to ₹1,00,00072Breach of co...
Post a Comment
Read more