Hacked! My Twitter user data is out on the dark web – now what?

The danger sign appears as if it were on a CRT monitor


Whereas trolling the darkish net this week, I got here throughout my Twitter account particulars.

This month a darkish net web site launched a dataset of 200 million Twitter profiles. That is the place I discovered my account knowledge. I do know my knowledge was not disclosed in earlier variations as a result of I had checked at the moment. In my work, I take safety very critically.

On Wednesday, Twitter mentioned there was “no proof that knowledge lately bought has ever been acquired.” Exploiting a safety vulnerability in Twitter programs. ”

The corporate means that the newly disclosed account knowledge for December and January (sure, that is the second latest launch) “is more likely to be a set of information already publicly out there on-line by numerous sources.”

Positive, Twitter has already admitted that there was a consumer knowledge leak, which was reported in November 2022. However, in accordance with Twitter, this was all knowledge about 5.4 million consumer accounts disclosed in August. That is 5.4 million nonetheless a really giant quantity.

This knowledge seems to have come from a 2021 hack. On this assault, a hacker abused an Software Programming Interface (API). With it, e-mail addresses had been linked to Twitter profiles. The outcomes embody normal Twitter profile knowledge, similar to names, usernames, and follower counts.

additionally: Hackers use this previous trick to bypass safety precautions

To this point, comparatively innocent. However, then, the attacker used one other API to scrape this knowledge and used it to drag non-public e-mail addresses and cellphone numbers. The ensuing knowledge for roughly 221,608,279 customers has been launched as a file RAR archive. Inside it, you will discover six textual content information that add as much as 59GB of consumer knowledge.

to me Have you ever been mortgaged (HIBP)Founder Troy Hunt, 211,524,284 distinctive e-mail addresses had been uncovered. And now, whether or not from this recognized leak or not, mine is, too. American Specific And Experian IdentityWorks They each contacted me to inform me that my particulars had been uncovered.

What do you have to do in case your Twitter knowledge has been hacked

So what are you able to do about it in case your Twitter knowledge can also be there? Nicely, as American Specific advised me, be extra cautious than normal concerning the prospects Phishing and spam assaults. For instance, if you happen to get an e-mail promising nice pet insurance coverage in your canine, and also you share a number of Spot photographs on Twitter, take a protracted, onerous take a look at the observe earlier than you reply. Specifically, look rigorously at any URLs in these messages.

Individuals will use your private knowledge towards you. Merely. That is ugly.

If you happen to suppose you’ve gotten already been hacked, Test your laptop or smartphone with a great high quality antivirus. In reality, do it anyway. This isn’t the time to take dangers.

You must also do not forget that along with “public” info, semi-private info similar to your date of delivery, cellphone quantity, handle, hometown, and the ever-popular “safety” query, your mom’s maiden identify, could also be in play now.

This implies it is time to evaluate your most necessary accounts and alter their safety questions. Whilst you’re at it, flip it on Two-Issue Authentication (2FA) for all of your companies. That is simply intelligent, whether or not you get hacked this time or not.

Specifically, if you happen to’re nonetheless utilizing Twitter, activate two-factor authentication (2FA). Don’t use it nonetheless Texting, also referred to as SMS, as your second issue. The Twitter microservice that was sending SMS messages went down in November, and continues to be working. As a substitute, change your two-factor authentication technique from texting to e-mail, and Authentication utilityor a Bodily safety keysimilar to a Yubiki.

You must also, as I advisable earlier, Cease utilizing Twitter authentication to log into different web sites. That is simply asking for hassle.

Lastly, I have been warning you Massive hassle from Twitter since Musk took over. Account knowledge leaks like this are a giant crimson flag. I counsel Delete your Twitter accountAnd Change to a different, extra dependable social community.

Leave a Comment