2022 has been a catastrophic year as far as security is concerned. Many large companies have fallen into the clutches of hackers, who have managed to gain access to huge user databases that they have dumped and put up for sale in all kinds of forums available to anyone. But, although we are already in 2023, the loopholes of 2022 are still the order of the day, and today we can meet another popular victim of these computer attacks: Twitter.
2022 hasn’t been a great year for Twitter either. The social network has gone through all kinds of ups and downs that, finally, have ended with the purchase of the social network by Elon Musk, a collapse in its value and a massive flight of users to other networks. But, as if that were not enough, last year this social network has also been affected by a huge data leak that, today, takes its toll on all of us.
The data of 200 million Twitter users for sale
A few hours ago, a group of hackers put up for sale on well-known Dark Net forums, for just $2, a huge database with the information of 200 million users of this social network. These data were obtained through a bug in the Twitter API in 2021.
Until mid-2022, hackers have been processing the information and privately selling relevant and important users’ private information (phone numbers, addresses, etc). However, all this information was moving very privately, and without a trace. However, this is over.
A few hours ago, a well-known user of a hacking forum has put up for sale a complete database, with more than 200 million user entries, for an approximate price of 2 dollars. Any user interested in this database can buy it and use the information it contains for whatever they want. The most relevant of each line are the email addresses linked to each user.
The file is distributed in RAR format, with a total weight of about 60 GB, within which we can find 6 text files with all the information. One of the TXT weighs 30 GB, while the others do not exceed 10 GB.
At first, the users who have already paid their 2 dollars and have analyzed the databases assure that the email addresses are authentic, at least theirs. The authenticity of the 200 million emails included cannot be guaranteed.
Of course, it is important to note that this new database for sale is just the tip of the iceberg of everything that hackers were able to obtain through the API.
What I can do?
As we have said, now the 200 million rounds are available to anyone. And that means that, shortly, SPAM and Phishing will skyrocket. Hackers will take advantage of the fact that many of these emails are valid, and of the information included in the database, to carry out massive attacks with which to deceive users or steal even more information.
Furthermore, since SoftZone We don’t recommend paying the $2 just to see if our emails are affected. Being a database that anyone can access, in a matter of hours we will have it uploaded and processed in Have I Been Pwned, so right there we can check if our mail is for sale or not.