Twitter Confirms Zero-day Caused a Large Data Leak

Twitter has confirmed that the data of 5.4 million users have been leaked because of the now-patched zero-day vulnerability. The threat actor abused the vulnerability by submitting an email address or phone number, verifying if it was associated with a Twitter account, and getting an associated account ID as a result. The acquired data has been compiled into a list of Twitter profiles and associated with them emails addresses, phone numbers, and public information, such as names, follower count, location, and profile picture and is currently being sold on the hacker forum. Read more...