More of 5.4 million Twitter user records appeared online with private information that was stolen through an API vulnerability patched in January.
A security researcher also revealed another, potentially more significant, bulk data dump of millions of Twitter records, demonstrating the widespread abuse of this bug.
The data consists of public information as well as private phone numbers and email addresses🇧🇷
Last July, a cybercriminal started selling private information of more than 5.4 million Twitter users on a hacker forum for $30,000.
In addition to the 5.4 million records on sale, there were also another 1.4 million Twitter profiles of suspended users collected through a different API, bringing the total to nearly 7 million Twitter profiles with private information. This second data dump was not sold and was only shared privately among a few people.
In September, and now more recently, on November 24th, The 5.4 million Twitter records were freely shared on a hacker forum.