A threat actor claims to be selling public and private data of 400 million Twitter users scraped in 2021 using a now-fixed API vulnerability. They’re asking $200,000 for an exclusive sale.
The alleged data dump is being sold by a threat actor named ‘Ryushi’ on the Breached hacking forum, a site commonly used to sell user data stolen in data breaches.
The threat actor claimed to have collected the data of 400+ million unique Twitter users using a vulnerability. They warned Elon Musk and Twitter that they should purchase the data before it leads to a large fine under Europe’s GDPR privacy law.
Source: Bleeping Computer