
Twitter yet to comment on data of 200 million users being circulated on dark web

  • Bad actors exploited a bug present in Twitter’s API between June 2021 and January 2022.
  • The data scraped using that exploit has now been refined and is being circulated on the dark web for a pittance.
  • The fear is that this data can be used to launch phishing attacks on users.

A bug in Twitter’s API that was present from June 2021 to January 2022 is causing yet more headaches for the beleaguered social media firm.

At the weekend, Wired reported that a database containing the email addresses of some 200 million Twitter users was circulating on the dark web. This database appears to be similar to a larger database leaked in 2022, albeit cleaned up and containing fewer duplicates.

As reported by Bleeping Computer, the data contained in this trove of information includes email addresses, screen names, follower counts and when the account was created. The publication goes on to note that users may have escaped this breach if they hadn’t had their email addresses compromised before the aforementioned Twitter bug was discovered.

This bug allowed a person to feed an email address into Twitter’s API to verify whether it was tied to an account on the platform. If your email wasn’t leaked beforehand, there’s a low likelihood that your data was compromised here.

That said, if you use Twitter and use one email address for most things, it’s a good idea to head over to Have I Been Pwned and check if your email address has been detected in this, or any other, breaches or leaks.

The danger with this sort of leak is that it gives a cybercriminal an avenue to launch a phishing attack. Knowing you have a Twitter account isn’t all that important, but the content contained within that account could be very valuable. If you are concerned, it may be worth locking your account for a while, just in case a ne’er-do-well tries to leverage that information to conduct an attack.

The founder of Have I Been Pwned, Troy Hunt, highlighted that while there aren’t new revelations in this data dump, it does highlight how data is recycled and used to launch other attacks. This scraping of Twitter’s API to confirm user email addresses was only possible thanks to previous breaches, which helped attackers amass a trove of email addresses they could use.

While this breach didn’t take place under Musk’s watch, the silence from Twitter is deafening.

The firm’s communications team was infamously dispatched alongside hundreds of other workers last year when the billionaire took over. This means that unless users seek out this information, they may not even be aware that their information is now being circulated for a pittance on the dark web.

Should the social media platform issue any sort of correspondence as regards this data being circulated, we will update this story.

Be vigilant as we enter the new year: cybercriminals tend to ramp up their efforts during the festive season into January.
