- Cybercrime intelligence firm Hudson Rock claims that a malicious actor is attempting to sell the user data of 400 million Twitter users.
- Affected users include billionaire Mark Cuban, former US president Donald Trump, Shark Tank star Kevin O’Leary, etc.
- The attacker, Ryushi, wants Elon Musk to negotiate an exclusive buyout and prevent the wrong ones from gaining access to the data.
- Ryushi warned Musk that if he didn’t cooperate, Facebook-style fines of up to $276 million might come from a GDPR breach.
Twitter is home to countless crypto influencers and investors, and many of them have gathered millions of followers using the platform. However, a recent report by renowned cybercrime intelligence firm Hudson Rock claims that a malicious actor is attempting to sell the user data of 400 million users of the social media platform, which includes personal information about companies, politicians, and celebrities.
The threat actor stated that the data was obtained earlier this year using a Twitter bug, according to Hudson Rock. The database contains sensitive information about the Twitter users whose data has been reportedly compromised. This includes email addresses, phone numbers, and account creation dates of such users.
Some of the major personalities who have been attacked include Ethereum co-founder Vitalik Buterin, billionaire investor Mark Cuban, former United States president Donald Trump, and Shark Tank star Kevin O’Leary, among others.
The actor, who goes by the name Ryushi, has demanded that certain accounts be contacted by Twitter’s management team and its new owner, Elon Musk, in order to negotiate an exclusive buyout and prevent the wrong ones from gaining access to the data.
Ryushi warned Musk that if he didn’t cooperate, Facebook-style fines of up to $276 million might come from a GDPR breach, exactly as they did when the data of more than 500 million people was exposed. The message reads:
“Twitter or Elon Musk, if you’re reading this you are already risking a GDPR fine over 5.4m imaging the fine if 400m users breach. Your best option to avoid paying $276 million USD in GDPR breach fines like Facebook did (due to 533m users being scraped) is to buy this data exclusively…”
Ryushi went on to emphasize the damaging consequences of Twitter’s defiance. The threat actor noted that disclosing the information to a third party might expose prominent figures to crypto scams, phishing, doxxing, and other illicit activities.
Ryushi pointed out that people might fully lose their trust in Twitter when they learn about the breach, given that Musk was already in a precarious position for making big changes to the platform’s policy.
While some Twitter users assume that Ryushi’s claim that he has access to the private data for 400 million accounts is false, Hudson Rock disagrees. Interestingly, it is unclear if the data will be accused for malicious purposes given the significant amount of heat it would put on Ryushi.
“Please Note: At this stage it is not possible to fully verify that there are indeed 400,000,000 users in the database. From an independent verification the data itself appears to be legitimate and we will follow up with any developments,” the cybercrime intelligence firm states.
The crypto industry is currently barely able to push through the heartbreaking losses piled up due to the collapse of prominent crypto exchange FTX. A data breach of such a high scale might push regulators to take stricter actions.
A crypto journalist with over 3 years of experience in DeFi, NFT, metaverse, etc. Parth has worked with major media outlets in the crypto and finance world and has gained experience and expertise in crypto culture after surviving bear and bull markets over the years.