- A user that goes by the name of Ryushi posted a portion of the data on Breach Forum that includes celebrity phone numbers and emails.
- The data was apparently scraped due to an API vulnerability in twitter reported late last year.
- He claims he will sell the data exclusively to Elon Musk / Twitter otherwise they will have to pay a large fine due to the European privacy law GDPR when it is released publicly.
Twitter or Elon Musk if you are reading this you are already risking a GDPR fine over 5.4m breach imaging the fine of 400m users breach. Your best option to avoid paying $276 million USD in GDPR breach fines like facebook did (due to 533m users being scraped) is to buy this data exclusively.
- Data Includes: Email addresses, Names, Usernames, Numbers of Followers, Profile Creation Date, Phone Numbers.
Best practice when using twitter is to not link a phone number to your account. If you must connect a phone number to an online account, use a number not tied to your legal identity. Twitter's new blue check feature requires a verified phone number and blocks known burner numbers resulting in verified accounts being much more vulnerable to these types of compromises.