Twitter stated that there is no indication that the data being offered for sale on the internet was obtained through a vulnerability on their platform, refuting the recent claims of a data breach wherein the information of over 400 million users was put up for sale on the dark web.
In a blog post, the company revealed that, after a thorough investigation into the data breach, it concluded the information was not directly related to Twitter, nor stolen due to a vulnerability in its systems.
The company also shared a timeline of the breaches throughout 2022 and some insights about the recent hacks, especially in July 2022, when Twitter was aware of a potential breach.
Twitter and data breach
The Cyber Express reported in December 2022 that the data of 400 million Twitter users was posted on the dark web as a hot item for sale.
According to Alon Gal, co-Founder and CTO of Israeli cybercrime intelligence company, Hudson Rock, the data was probably obtained from an API vulnerability enabling the threat actor to query any email or phone and retrieve a Twitter profile.
“The threat actor provided a valid sample of 1,000 notable accounts and included the private information of AOC, Brian Krebs, Vitalik Buterin, Kevin O’Leary, Donald Trump Jr., and many more,” Gal wrote in his LinkedIn post about the breach.
When contacted, Gal told The Cyber Express that he discovered the post during his dark web intelligence search. David H. of CZECHMATE CZ, a cyber intelligence service based in the Czech Republic, confirmed on LinkedIn that he has verified that the data has indeed been put up for sale.
Twitter’s latest update denies all these claims.
Twitter denies breach
The company has categorically denied the claims of having access to over 400 million Twitter user emails and phone numbers. According to the company, the 5.4 million accounts reported in November were found to be the same as those exposed in August 2022. It denied any correlation between the 400 million instances of user data.
“400 million instances of user data in the second alleged breach could not be correlated with the previously reported incident, nor with any new incident,” it said.
According to the company, the 200 million dataset also could not be linked to any data from Twitter systems or the previous incident. Both datasets were found to be duplicates, with duplicate entries removed from the second one.
None of the datasets analyzed contained passwords or information that could lead to password compromise, it stated.
“Therefore, based on information and intel analyzed to investigate the issue, there is no evidence that the data being sold online was obtained by exploiting a vulnerability of Twitter systems. The data is likely a collection of data already publicly available online through different sources.”
Researcher counters Twitter’s claim
Alon Gal in a LinkedIn post has countered the social media platform’s claims.
Based on his own investigation and feedback from other security experts, he insisted that his assessment is accurate. He cited the absence of false matches between Twitter usernames and emails in the database as supporting evidence.
“The authenticity of the leak is evident in the lack of false positives between Twitter usernames and emails found in the database, opposite to cases of data enrichments,” he said in the post.
“I am eager to hear other perspectives on this matter and will continue to provide updates as more information becomes available,” he added.
How to protect a Twitter account?
While mitigating these attacks, the company shared some measures to protect data. These measures are as follows:
Set up two-factor authentication (2FA)
One of the best ways to protect your Twitter account is by setting up two-factor authentication (2FA). This adds an extra layer of security to your account by requiring a code or confirmation from an authentication app or a hardware security key in addition to your password.
This makes it much more difficult for unauthorized users to access your account. By setting up 2FA, you can ensure that only you have access to your account, even if someone else gets the password.
Office of data protection
Users who are concerned about their Twitter account or who want to know more about protecting their data can visit Twitter’s Office of Data Protection. The company will be available to assist users and answer any questions regarding the security of accounts.
Be aware of phishing scams
Staying vigilant when it comes to emails from unfamiliar sources is crucial in today’s digital landscape. Cybercriminals may use the personal information they have obtained to create phishing schemes that are designed to fool individuals into sharing personal information or login credentials.
It’s important to be mindful of the emails you receive and to be cautious of any that ask for sensitive information or contain links or attachments. It’s a good idea to always verify the sender’s email address and hover over links before clicking on them to ensure they are legitimate.
Additionally, having a good spam filter that detects and blocks malicious messages can provide an extra layer of protection.
Regarding emails connected to Twitter accounts, be wary of communications that generate a feeling of urgency or require personal information. Hackers use these popular methods to deceive consumers into disclosing sensitive information. To maintain the security of one’s account, it is critical to double-check the source of any emails purporting to be from Twitter.