As if Elon Musk was not lacking in problems, it was revealed that a database of Twitter users with information on some 230 million accounts is circulating in different forums, Expansión announced.
According to the report, the compilation contains data from the accounts of politicians, bankers, journalists and all kinds of profiles that may be susceptible to cyberattacks, such as targeted phishing.
What is known is that an anonymous user published a few days ago a database with account names and email addresses of millions of members of the social network that is now owned by Elon Musk.
The data has been diverted since 2021 due to a series of flaws in Twitter’s software, in what could be considered “one of the most significant data breaches” ever seen, according to Alon Gal, co-founder of cybersecurity firm Hudson Rock. .
And while the database does not contain the passwords of affected users, the provided information and emails may be material enough to pose a latent security threat.
The BleepingComputer site confirmed the validity of many of the leaked email addresses, which contain names of the people who created them, the number of followers, as well as the date the account was created.
The uses that can be given to information like this are many, including marketing campaigns to the execution of criminal acts in the worst case, and currently it is being sold in disreputable forums for only a couple of dollars.
In 2021, hackers discovered vulnerabilities in Twitter’s security systems, which allowed them to automate account searches based on an email or phone number to detect if they were associated with the platform.
Twitter said that the issue had been fixed in August 2022 and that it had no evidence that anyone was affected by the vulnerability, although several cybersecurity experts said at the time that the databases had been being sold on different hacker forums.
At the moment, Musk’s company is under investigation by the European Union and the United States Federal Trade Commission (FTC) for similar situations.
On the haveibeenpwned.com platform, users can check if their information has been obtained illegally, they just have to enter and write the account, email the phone number in the central section and it will be shown if the information has been found in any vulnerability .
You may also like:
– Twitter tightens spending cuts and there is no longer no toilet paper for employees
– Twitter is sued for not paying $ 136 thousand dollars in rent for its offices in San Francisco
– Elon Musk is booed on stage during a Dave Chappelle show