Twitter has suffered a data breach after threat actors used a vulnerability to build a database of phone numbers and email addresses belonging to 5.4 million accounts, with the data now up for sale on a hacker forum for $30,000.

A threat actor known as ‘devil’ said on a stolen data market that the database contains info about various accounts, including celebrities, companies, and random users.

"Hello, today I present you data collected on multiple users who use Twitter via a vulnerability. (5485636 users to be exact)," reads the forum post selling the Twitter data.

In a conversation with the threat actor, sources were told that the hacker used a vulnerability to collect the data in December 2021, that they are now selling the data for $30,000, and that interested buyers have already approached them.

Twitter has confirmed that the security flaw was exploited. The platform mentions in a press release that "In July 2022, we learned through a press report that someone had potentially leveraged this and was offering to sell the information they had compiled. After reviewing a sample of the available data for sale, we confirmed that a bad actor had taken advantage of the issue before it was addressed."

However, it has been verified with some of the Twitter users listed in a small sample of data shared by the hacker that the private information (email addresses and phone numbers) is accurate.

Since we could only verify a small number of users listed in the scraped data, it is impossible to say if all 5.4 million accounts being sold are valid.

Even though most of the data being sold is publicly available, threat actors can use the email addresses and phone numbers in targeted phishing attacks.

Therefore, all Twitter users should be vigilant when receiving emails from Twitter, especially if they ask you to enter login credentials, which should only be done on Twitter.com.


Written by Keith Norris, Independent Compliance Consultant, Marketing Association