Advertisement
UK markets closed
  • FTSE 100

    7,952.62
    +20.64 (+0.26%)
     
  • FTSE 250

    19,884.73
    +74.07 (+0.37%)
     
  • AIM

    743.26
    +1.15 (+0.15%)
     
  • GBP/EUR

    1.1703
    +0.0009 (+0.08%)
     
  • GBP/USD

    1.2636
    +0.0014 (+0.11%)
     
  • Bitcoin GBP

    55,690.89
    -814.07 (-1.44%)
     
  • CMC Crypto 200

    885.54
    0.00 (0.00%)
     
  • S&P 500

    5,254.35
    +5.86 (+0.11%)
     
  • DOW

    39,807.37
    +47.29 (+0.12%)
     
  • CRUDE OIL

    83.11
    -0.06 (-0.07%)
     
  • GOLD FUTURES

    2,254.80
    +16.40 (+0.73%)
     
  • NIKKEI 225

    40,369.44
    +201.37 (+0.50%)
     
  • HANG SENG

    16,541.42
    +148.58 (+0.91%)
     
  • DAX

    18,492.49
    +15.40 (+0.08%)
     
  • CAC 40

    8,205.81
    +1.00 (+0.01%)
     

Twitter hacker steals 5 million celebrity, company, and anonymous accounts’ personal information

 (Getty Images)
(Getty Images)

A Twitter breach has allowed hackers to find the account names and email addresses associated with millions of accounts.

This includes accounts of people who would rather keep their information pseudonymous, such as whistleblowers and celebrity accounts.

“We want to let you know about a vulnerability that allowed someone to enter a phone number or email address into the log-in flow in the attempt to learn if that information was tied to an existing Twitter account, and if so, which specific account”, Twitter said in a blog post confirming the attack.

It also said there is nothing that users can do to protect their information in this issue, but users should enable two-factor authentication on all accounts to better protect against future breaches.

ADVERTISEMENT

Twitter received a report at the start of this year about a vulnerability in its system, whereby if someone submitted an email address or phone number to Twitter’s systems, Twitter’s systems would tell the person what Twitter account the submitted email addresses or phone number was associated with, if any.

This bug originated in June 2021, with Twitter fixing the issue. The company said at the time that it had no evidence of a malicious individual using this exploit, but that changed in July 2022 when it was reported that information about over 5.4 million accounts were being sold on a hacker forum for $30,000.

"Hello, today I present you data collected on multiple users who use Twitter via a vulnerability. (5485636 users to be exact)," the forums post selling the Twitter data stated, as reported by Bleeping Computer. "These users range from Celebrities, to Companies, randoms, OGs, etc."

Twitter says it will be “directly notifying the account owners we can confirm were affected by this issue”, adding that it is “publishing this update because we aren’t able to confirm every account that was potentially impacted, and are particularly mindful of people with pseudonymous accounts who can be targeted by state or other actors”.