July’s Report Of A Twitter Data Breach Was WAY WORSE Than Previously Thought

Remember back in July there was a data breach on Twitter where the information on 5.4 million users was up for sale on the dark web? Well as bad as that was, we now have news that it was actually worse than that. 9to5mac is reporting the following:

We’ve been shown evidence that the same security vulnerability was exploited by multiple bad actors, and the hacked data has been offered for sale on the dark web by several sources.

It had previously been thought that only one hacker gained access to the data, and Twitter’s belated admission reinforced this impression …


There were suggestions on Twitter yesterday that the same personal data had been accessed by multiple bad actors, not just one. 9to5Mac has now seen evidence that this is indeed the case. We were shown a dataset which contained the same information in a different format, with a security researcher stating that it was “definitely a different threat actor.” The source told us that this was just one of a number of files they have seen.

That’s really, really, extremely bad. And reading this report makes one wonder how this is going to get any better under Elon Musk? Because it is pretty clear that Twitter’s security was bad before he took over. So given all that has gone on, how much worse can it be with him in charge? While Twitter doesn’t have a PR department anymore, the company needs to provide some answers on this. And they need to do so now with enough detail to reassure Twitter users that they can have confidence in the company. But I am pretty sure that this is not going to happen.

UPDATE: I have commentary from Brian Johnson, Chief Security Officer at Armorblox:

“Breaches that expose email addresses and phone numbers are almost always followed up by targeted phishing and SMiShing campaigns. Given that Twitter has also been in the news a lot recently, attackers might exploit our cognitive biases like recency bias to send out fake password reset emails or SMSes to Twitter users to steal their credentials. Stolen passwords now allow them to try these passwords out laterally across other sites because many users use the same password across different providers. We recommend that users set up multi-factor authentication on all their personal and work accounts, and more specifically, watch out for suspicious emails that appear to be coming from Twitter. This includes verifying the sender email addresses, and any links that are included in the email to make sure that they are indeed related to Twitter.”

UPDATE #2: Chad McDonald, Chief of Staff and Chief Information Security Officer of Radiant Logic:

“In the latest episode of the Twitter saga, news of the significant data breach resulting in the security expert who reported it being suspended is a huge cause for concern. Security practitioners have often looked to Twitter in the past for updates from colleagues and influencers alike on the latest bugs, vulnerabilities and threat groups. Given the changes that have been brewing at Twitter these last few weeks, it would be incredibly damaging for them to not only be once again responsible for massive amounts of users being breached but that they are also making efforts to cover it up. Twitter must act, quickly, to get a serious handle on how much of their users’ information was leaked and what they plan to remedy the situation.” 

Leave a Reply

%d bloggers like this: