Red Hot Cyber

Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Search

Massive Data Exposure on X (Twitter) Affects 200 Million Users

Pietro Melillo : 8 July 2024 13:51

Recently, X (Twitter) experienced a massive data exposure, compromising nearly 200 million user records. This incident could be one of the largest user data exposures in recent history, jeopardizing the security and privacy of millions of users. In this article, we analyze the details of the exposure, its implications, and the potential risks for the affected users.

Currently, we are unable to accurately confirm the veracity of the breach, as no press release has been issued on the official website regarding the incident. Therefore, this article should be used as an “intelligence source.”

Scope and Source of the Data Leak

The leaked database contains an enormous amount of data, totaling 9.4 GB. The source of the breach is a Twitter database or a copy of it, which was published on a well-known hacking forum dedicated to data breaches and leaks. The thread title, “9.4GB Twitter Leaked Database Last One – The Exposure Of Over 200 Million Records Containing Email Addresses, Names, And Twitter Account Details,” highlights the severity and scale of this data leak.

Details of the Data Leak

Acquista il corso Dark Web & Cyber Threat Intelligence (e-learning version)
Il Dark Web e la Cyber Threat Intelligence rappresentano aree critiche per comprendere le minacce informatiche moderne. Tra ransomware, data breach e attività illecite, le organizzazioni devono affrontare sfide sempre più complesse per proteggere i propri dati e le infrastrutture. Il nostro corso “Dark Web & Cyber Threat Intelligence” ti guiderà attraverso i meccanismi e le strategie utilizzate dai criminali informatici, fornendoti competenze pratiche per monitorare, analizzare e anticipare le minacce.

Accedi alla pagina del corso condotto dall'Prof. Pietro Melillo sulla nostra Academy e segui l'anteprima gratuita.

Per un periodo limitato, potrai utilizzare il COUPON CTI-16253 che ti darà diritto ad uno sconto del 20% sul prezzo di copertina del corso
Per ulteriori informazioni, scrivici ad [email protected] oppure scrivici su Whatsapp al 379 163 8765 

Supporta RHC attraverso:


Ti piacciono gli articoli di Red Hot Cyber? Non aspettare oltre, iscriviti alla newsletter settimanale per non perdere nessun articolo

The malicious actor responsible for releasing the database, known by the name “michupa,” recently created an account on the forum (on July 7, 2024). In the thread, “michupa” provides a summary of the incident, specifying that the breach is the most recent and has involved over 200 million records. The sample of leaked records contains information such as email addresses, names, screen names, follower counts, and account creation dates.

Types of Exposed Data

The exposed data includes:

  • Email addresses
  • Names
  • X account details (screen names, follower counts, account creation dates)

Email addresses associated with Twitter accounts can be used for phishing, spamming, or other malicious activities. The full names of Twitter users and account information, including screen names and other profile details, can be used to identify individuals and potentially link them to other online profiles.

Implications and Risks for Users

The data exposure puts users at risk of various attacks, including phishing, identity theft, and social engineering schemes. With the vast amount of personal information available, malicious actors can exploit this data to further compromise accounts and systems linked to the affected email addresses.

Veracity of the Breach

At this time, we cannot precisely confirm the veracity of the breach, as the organization has not yet released any official press statement on their website regarding the incident. Therefore, this article should be considered as an ‘intelligence source’ rather than a confirmed report.

Conclusions and Recommendations

The Twitter data breach represents a significant risk to the privacy and security of the affected users. It is essential for impacted users to adopt adequate security measures, such as changing passwords, enabling two-factor authentication, and being more vigilant against potential phishing attempts. Social platforms and relevant authorities must collaborate to mitigate the damage and prevent future breaches of this kind.

The incident serves as an important reminder of the importance of data security and the necessity of protecting personal information in an increasingly digital and interconnected world.

As is our custom, we always leave room for a statement from the company should they wish to provide us with updates on the matter. We would be pleased to publish such information in a specific article highlighting the issue.

RHC will monitor the evolution of the situation to publish further news on the blog, should there be substantial updates. If there are individuals informed on the matter who wish to provide information anonymously, they can use the whistleblower’s encrypted email.

Pietro Melillo
Head of the Dark Lab group. A Computer Engineer specialised in Cyber Security with a deep passion for Hacking and technology, currently CISO of WURTH Italia, he was responsible for Cyber Threat Intelligence & Dark Web analysis services at IBM, carries out research and teaching activities on Cyber Threat Intelligence topics at the University of Sannio, as a Ph.D, author of scientific papers and development of tools to support cybersecurity activities. Leads the CTI Team "RHC DarkLab"