As per a recently published report by Hudson Rock, an Israeli cybersecurity firm, the personal data of about 40 crores Twitter users are up for sale on the dark web; these accounts also include many legitimate bot accounts that track and update several things.
More importantly, the personal details of Twitter accounts that are up for sale include charges of business figures, politicians, and government entities.
What is the Dark Web?
The internet, hidden from standard search engines and cannot be accessed using regular browsers, is known as the “dark web.” The dark web is a subsection of the global network beyond what we know as the internet.
The “surface web” is the portion of the internet we often access through URLs or search engines like Google or Yahoo. In contrast, the “deep web” refers to unindexed, unsearchable websites and material beyond their purview. A portion of the deep web is the dark web.
Even if it’s not always the case, dark web usage for illegal activities is expected.
A URL in a specific browser like Google Chrome or Mozilla Firefox cannot reach the dark web. Additionally, regular search engines also cannot access it.
This is so that search engines may “index” any “regular” websites that want to be visited by visitors in general. Websites that are purposefully difficult to find are not indexed and must be searched for using specialized software like the Tor browser.
How big is the cache of personal data that is up for sale?
“At this stage, it is impossible to verify that there are 400,000,000 users in the database fully. From an independent verification, the data appears legitimate, and we will follow up with any developments,” says Hudson Rock.
According to Hudson Rock, the threat actor selling the data acquired the data in early 2022. The personal details that are up for sale include the phone numbers and emails of the users. The cybersecurity firm shared a screenshot of a chunk of the data.
Who are some of the known personalities whose data was stolen?
As per the screenshot shared, we get to see that the details of quite a few well-known public figures were available on the dark web. These include the personal information of Google CEO Sundar Pichai, US Congressperson Alexandria Ocasio-Cortez, Donald Trump’s son Donald Trump Jr, and the Indian Ministry of Information and Broadcasting. The list also includes details of former President of the United States, Donald Trump.
Some of the other well-known accounts whose data has been put up on the dark web are the US Department of Interior, the French Ministry of Justice, the World Health Organization, SpaceX, Scott Morrison, former Australian Prime Minister, actor Cara Delevigne, and British TV personality and broadcaster Piers Morgan.
Hacker tried to extort Elon Musk.
Hudson Rock says the data was accessed in early 2022, and the seller has attempted to extort Twitter’s owner Elon Musk.
“In the post, the threat actor claims the data was obtained in early 2022 due to a vulnerability in Twitter, as well as attempting to extort Elon Musk to buy the data or face GDPR lawsuits,” reports Hudson Rock.