Hackers claim that they “have in their hands” the data of 400 million Twitter users and have put it up for sale on the black market.
The data is said to contain private emails and associated phone numbers of high-profile Twitter users.
On Saturday, cybercrime intelligence firm Hudson Rock claimed to have uncovered a “credible threat actor” selling stolen data on Twitter.
Hudson Rock said that while it has not been able to fully verify the hacker’s claims given the number of accounts, it said an “independent verification of the data itself appears to be legitimate.”
Web3 security firm DeFiYield also had a look at the 1,000 accounts the hacker claimed to have and verified that the data was ‘real’.
She also contacted the hacker via Telegram and noted that they are actively waiting for a buyer.
The data in question is thought to have come from the ‘Zero-Day Hack’ from 2021 that allowed hackers to “uncover” private information which they then compiled into databases to sell on the black market.
The bug was fixed in January this year.