Twitter Bug Let Hack Get Data Of 5.4 Million Users, Up For Sale For $30,000


Through the use of an earlier this year discovered and patched vulnerability, this data had been taken from Twitter’s databases.

Hackers were able to access the personal information of 5.4 million Twitter users thanks to a weakness in the company’s systems.According to sources, this data is available for purchase for $30,000, or Rs. 23.96 lakhs.

Back in January of this year, HackerOne revealed that a Twitter vulnerability made millions of users’ personal information—including their phone numbers and email addresses—vulnerable to anyone’s access.The vulnerability basically allows anyone to enter a phone number or email address and then discover the corresponding twitterID.What’s alarming is that even if a person has enabled privacy settings to make these facts private, they could still be accessible.

Even though the user has blocked this action in the privacy settings, the vulnerability enables any party to obtain a twitter ID (which is practically equivalent to gaining the username of an account) of any user by providing a phone number or email.The Twitter Android client’s authorization procedure, notably the step where it checks for duplicate accounts, is where the flaw is located, according to a user who uses the handle “zhirinovksiy” on the platform.The author of the post also included instructions on how to obtain proof-of-concept, or, in other words, how to duplicate the vulnerability.

At the time, Twitter referred to the vulnerability as a “legitimate security problem”.Additionally, it had given the researcher a reward of $5,040, or Rs. 4.02 lakh.

Since then, the microblogging platform has patched the problem.Nevertheless, a hacker took advantage of the flaw while it was still present on Twitter, and they are now seeking $30,000 to grant access to the information.

The hacker is reportedly selling the Twitter database on Breached Forums, according to a report by Restore Privacy (via 9To5 Mac).The report claims that the dataset include “Celebrities, to Companies, randoms, OGs, etc”. and that the post by the user name “devil” is still active on the platform.

The unscrupulous hacker also posted a sample of database data on Breached Forums, which the media independently validated.

Twitter has not yet responded to the situation.

Found this article interesting? Follow BG on Facebook, Twitter and Instagram to read more exclusive content we post.

0 0 votes
Article Rating
Notify of

Inline Feedbacks
View all comments

Latest news


Table of Contents1. Make use of keyboard shortcuts2. A universe of widgets and integrations3. Use technology to defeat technology4....

10 Best Backpacking and Camping gadgets 2024

Table of Contents10 Best Backpacking and Camping gadgets1. Living Lodge at Snow Peak M2. Camper JISULIFE Fan3. NOMAD Smoker...

20 Cool Smart home Gadgets on Amazon 2024, trend this year!

Table of Contents20 Cool Smart home Gadgets on Amazon1. Twelve South AirFly Pro Bluetooth Wireless Audio Transmitter/Receiver:2. PhoneSoap Dual...

Top 10 gadgets to buy under Rs.1000

Table of ContentsTop 10 gadgets to buy under Rs.1000 on Amazon India1. pTron Bullet Pro 36W PD Quick Charge2....

Latest Updates

Must read

Nokia C21 Plus With 13-Megapixel Dual Cameras, 3-Day Battery Life Launched In India

Warm Grey and Dark Cyan are the available colours...

50 years of gaming:Increase In Cause Of Pandemic

What is now a multi-billion pound industry started out...

You might also likeRELATED
Recommended to you

Would love your thoughts, please comment.x