"Hacker Claims to Be Selling Twitter Data of 400 Million Users"

A threat actor named Ryushi claims to be selling the public and private information of 400 million Twitter users scraped in 2021 via a now-patched Application Programming Interface (API) flaw. They are selling the alleged data dump on the Breached hacking forum, which is a site typically used to sell user data stolen in data breaches. Through the exploitation of a vulnerability, the threat actor claimed to have obtained the data of more than 400 million unique Twitter users. They threatened Elon Musk and Twitter to purchase the data in order to avoid a hefty fine under Europe's General Data Protection Regulation (GDPR) privacy law. The threat actor also provided a link to a post detailing how this information may be used by other threat actors for phishing, cryptocurrency scams, and Business Email Compromise (BEC) attacks. The forum post contains data samples from 37 celebrities, politicians, journalists, corporations, and government entities. The user profiles include both public and private Twitter information, including email addresses, names, usernames, the number of followers, the date of creation, and phone numbers. Although all of the accounts appear to have related email addresses, many lack phone numbers. While most of this information is accessible to any Twitter user, phone numbers and email addresses are private. The threat actor Ryushi disclosed to Bleeping Computer that they are seeking to sell Twitter data to a single person/Twitter for $200,000, after which they will destroy the data. If an exclusive purchase is not made, numerous copies will be sold for $60,000 each. This article continues to discuss the hacker claiming to be selling data of 500 million Twitter users. 

Bleeping Computer reports "Hacker Claims to Be Selling Twitter Data of 400 Million Users"