Twitter data breach exposes info for 5.4M accounts: on sale for $30,000

Twitter has confirmed the major data breach which allowed a threat actor to get access to the contact details of 5.4M accounts.

The stolen data – which ties Twitter handles to phone numbers and email addresses – has been offered for sale on a hacking forum, for $30,000.

Restore Privacy reports that the breach was made possible by a vulnerability discovered back in January.

A verified Twitter vulnerability from January has been exploited by a threat actor to gain account data allegedly from 5.4 million users. While Twitter has since patched the vulnerability, the database allegedly acquired from this exploit is now being sold on a popular hacking forum, posted earlier today.

Back in January, a report of a vulnerability that allows an attacker to acquire the phone number and/or email address associated with Twitter accounts, even if the user has hidden these fields in the privacy settings.

This summer, miscreants hacked verified Twitter accounts to send fake but well-written suspension messages that attempt to steal other credentials of verified users.