Twitter has suffered a major data breach that compromised the personal information of approximately 5.4 million users. The breach stems from a major security flaw.

“The security flaw came to light in January, when a user on HackerOne named “zhirinovskiy” pointed out that Twitter was vulnerable to hackers seeking to use information for malicious purposes. At the time, Zhirinovskiy detailed exactly how to exploit the bug and described it as a “serious threat” even in the hands of those with only a “basic knowledge” of scripting and coding.” (Fortune).

Twitter made an effort to fix the problem, but the fix was not enough to prevent a large-scale attack that used the bug.

“Twitter acknowledged the problem five days later and appeared to have fixed the problem a week after that, when it rewarded Zhirinovskiy with a $5,040 bounty for bringing the vulnerability to its attention.” (Fortune). “Despite the fix, the phone numbers and email addresses of millions of users, including celebrities, companies, and day-to-day account holders or those with desirable handles, were apparently accessed, and now are being sold via a post on a dark web site called Breached Forums, according to RestorePrivacy.”

Breached Forums has listed the data for sale at $30,000. There is little information about which users have been affected.

“Twitter has since patched the vulnerability, which was reported in January, Restore Privacy reported. The outlet added that the bug was specific to Twitter's Android client and occurred with the social media platform's authorization process. 9to5mac reported there currently was no way for Twitter users to find out if they were affected by the data breach.” (News Max).

Breached Forums is a known hacking forum with the specific purpose of buying and selling stolen data.

“Breached Forums is the same hacking forum responsible for the leak of 23 terabytes of data from 1 billion Chinese Citizens, which some experts say is the largest data breach in history. The hacker attempted to sell the database for 10 Bitcoin, now equivalent to $202,000. Meanwhile, other large tech companies have suffered greater breaches—including T-Mobile, which last year had 76.6 million users’ data breached in a cyberattack.” (Fortune).

The breach comes at a poor moment for Twitter, and the platform is likely to face more backlash for its security faults and its failure to notify users.

“Users aware of the Twitter breach have complained that they only heard through other security services such as Norton and LifeLock. The breach comes at a difficult moment for Twitter, only weeks after Elon Musk announced plans to pull out of his $44 billion purchase of the platform, citing its failure to prove that bots make up fewer than 5% of its users as one of the reasons.” (Fortune).

Have any questions about cyber-security? Responsive Technology Partners is the leading cyber-security expert in the Athens, Metter, Milledgeville, Vidalia, and Atlanta, Georgia areas. We also have locations in Tampa, Florida, Roanoke, Virginia, and Raleigh, South Carolina. Service offerings include I.T. support, cyber-security and compliance, telephony, cloud services, cabling, access control, and camera systems. Our company’s mission is to provide world-class customer service through industry-leading I.T. solutions that make every customer feel as if they are our only customer. Please visit our website to learn more: https://www.responsivetechnologypartners.com/.

Also, attend a Cyber Summit! Responsive Technology Partners hosts Cyber Summits across all the states where it operates, including one in Athens, Georgia on Friday, August the 12th. The summit is a cybersecurity seminar featuring experts in Homeland Security, the FBI, cyber insurance, email phishing attacks and more, addressing businesses' cyber protection concerns. All attendees will receive a comprehensive Network Assessment, valued at $2,500, that will identify weaknesses in your network, cloud environment, and policies and procedures. The Athens Summit will be held at the University of Georgia Center for Continuing Education and Hotel on Lumpkin.

Sources: 

Fortune. https://fortune.com/2022/07/26/twitter-user-data-breach-hacker-lists-database-of-5-million-users-for-sale/ 

News Max. https://www.newsmax.com/newsfront/twitter-breach-hacker/2022/07/26/id/1080320/