The ghost of a “Christmas” past haunts Twitter’s new owner. A hacker threatens to disclose the alleged data of 400 million social network users, but Elon Musk Twitter can avoid this if he pays US$ 200,000 (R$ 1,043,766.20). Bread change for the billionaire. However, it is not recommended to negotiate with “kidnappers.”
In a post on Breached, a forum for selling leaked data, the hacker who works under the pseudonym “Ryushi” promises that the file will be completely deleted if Musk pays the ransom. Among the samples released by the hacker is personal information from American politicians, including Donald Trump Jr and Alexandria Ocasio-Cortez, celebrities, journalists, companies, and government agencies.
Data can be real, while the hacker’s promise is dubious
Over 1,000 profiles of common users accompany the leaked samples of famous accounts. The expressive number, 400 million accounts, leaves the doubt if this is real. Alon Gal, a cybersecurity researcher, claims that the leak is real but cannot confirm that there are 400 million accounts in the archive.
Only Elon Musk Twitter can discover the integrity of the number of users with leaked information. Either pay the ransom or drop the case. The hacker says that if Musk does not pay the $200,000, the package of confidential data acquired via Twitter will be sold for $60,000 to anyone willing to buy.
In an interview with the Bleeping Computer website, the hacker revealed that he contacted the social network to negotiate the sale. But Twitter didn’t respond — and probably won’t. Bleeping Computer was also left without a response from the platform, which no longer has a communication sector.
However, the Irish Data Protection Commission, a body linked to the European Union, investigates the leak of 5.4 million Twitter data in 2021. A second leak would not be legal for the platform on a larger scale — the Meta knows how it is.
Leak used a social network API flaw.
Like the leak of 5.4 million Twitter accounts revealed in November, this new leak utilized a Twitter API flaw that was patched in January of this year. Information was stolen in 2021. Likely, these already leaked accounts are already leaked within these possible 400 million user data.
