Mehul Reuben DasDec 27, 2022 10:55:37 IST
As per a recently published report by Hudson Rock, an Israeli cybersecurity firm, the personal data of about 40 crore Twitter users is up for sale on the dark web. These accounts also include many legitimate bot accounts that track and update a number of things.
More importantly, the personal details of Twitter accounts that are up for sale include accounts of business figures, politicians, and government entities.
What is the Dark Web?
The internet that is hidden from standard search engines and cannot be accessed using regular browsers is known as the “dark web.” Basically, the dark web is a subsection of the global network that is beyond what we know as the internet.
The “surface web” is the portion of the internet that we often access through URLs or search engines like Google or Yahoo, while the “deep web” refers to the unindexed, unsearchable websites and material that is beyond their purview. A portion of the deep web is the dark web.
Even if it’s not always the case, dark web usage for illegal activities is common.
A URL in a typical browser like Google Chrome or Mozilla Firefox cannot reach the dark web. Additionally, regular search engines also cannot access it.
This is so that search engines may “index” any “regular” websites that want to be visited by visitors in general. Websites that are purposefully difficult to find are not indexed and must be searched for using specialised software like the Tor browser.
How big is the cache of personal data that is up for sale?
“At this stage it is not possible to fully verify that there are indeed 400,000,000 users in the database. From an independent verification the data itself appears to be legitimate and we will follow up with any developments,” says Hudson Rock.
BREAKING: Hudson Rock discovered a credible threat actor is selling 400,000,000 Twitter users data.
The private database contains devastating amounts of information including emails and phone numbers of high profile users such as AOC, Kevin O’Leary, Vitalik Buterin & more (1/2). pic.twitter.com/wQU5LLQeE1
— Hudson Rock (@RockHudsonRock) December 24, 2022
According to Hudson Rock, the threat actor who is selling the data acquired the data in early 2022. The personal details that is up for sale, include the phone numbers and emails of the users. The cybersecurity firm shared a screenshot of a chunk of the data.
Who are some of the known personalities whose data was stolen?
As per the screenshot that was shared, we get to see that the details of quite a few well know public figure was available on the dark web. These include the personal details of Google CEO Sundar Pichai, US Congressperson Alexandria Ocasio-Cortez, Donald Trump’s son Donald Trump Jr, and the Indian Ministry of Information and Broadcasting. The list also includes details of former President of the United States, Donald Trump.
Some of the other well-known accounts whose data has been put up on the dark web are, the US Department of Interior, the French Ministry of Justice, the World Health Organization, SpaceX, Scott Morrison, former Australian Prime Minister, actor Cara Delevigne, and British TV personality and broadcaster Piers Morgan.
Hacker tried to extort Elon Musk
Hudson Rock says the data was accessed in early 2022 and the seller has attempted to extort Twitter’s owner Elon Musk.
“In the post, the threat actor claims the data was obtained in early 2022 due to a vulnerability in Twitter, as well as attempting to extort Elon Musk to buy the data or face GDPR lawsuits,” reports Hudson Rock.