200M Twitter Profiles, with Email Addys, Dumped on Dark Web for Free
A data dump of Twitter user details on an underground forum appears to stem from an API endpoint compromise and large-scale data scraping.
Covers how social media can expose personal data, spread scams, enable account takeover, and provide channels for influence or abuse.
Search across headline titles and summaries.
Background for this topic.
Social media comprises online services where people and organizations publish content, communicate, and form networks. The term covers public posts, private messages, groups, live streams, advertising systems, and the APIs and third-party applications that process platform data.
For security teams, these platforms expose identity, relationship, and behavioral information that can support targeted phishing, impersonation, or social engineering. Compromised accounts may be used to distribute malicious links or fraud, while excessive sharing and poorly controlled integrations can expose personal or corporate data. Relevant controls include strong authentication, phishing-resistant account recovery, least-privilege access for connected applications, monitoring for brand and executive impersonation, and clear retention and privacy policies. Public posts and platform telemetry can also provide threat intelligence, but collection and use may be constrained by privacy obligations and applicable data-protection rules.
A data dump of Twitter user details on an underground forum appears to stem from an API endpoint compromise and large-scale data scraping.
No passwords, but planety of stuff for social engineering and doxxing More than 200 million Twitter users' information is now available for anyone to download for free.…
The leaked data included names, usernames, email addresses, follower counts and creation dates
A long way from password crackers for Windows NT for former L0pht legend Former Twitter security chief and whistleblower Peiter "Mudge" Zatko has landed his first official role since he left the company, a part-time job as "executive in residence" with cybersecurity firm Rapid7.…
Social media giant says legal basis for data processing was sound
The notorious information-stealer known as Vidar is continuing to leverage popular social media services such as TikTok, Telegram, Steam, and Mastodon as an intermediate command-and-control (C2) server
A data leak described as containing email addresses for 200 million Twitter users has been published on a popular hacker forum for about $2. BleepingComputer has confirmed the validity of many of the email addresses listed in the leak. [...]
Facebook, Insta told to pay up, make changes to data slurping process within 3 months A legal saga between Meta, Ireland and the European Union has reached a conclusion – at least for now – that forces the social media giant to remove data consent requirements from its terms of service in favor of explicit consent, and subjects it to a few hundred million more euros in fines for the trouble. …
The Irish Data Protection Commission (DPC) has fined Meta a total of €390 million after finding that it forced Facebook and Instagram users to consent to personal data processing for targeted advertising. [...]
The era of digital trust is broken, and constant vigilance is needed to get things back on track.