{"id":24256,"date":"2022-12-30T08:14:14","date_gmt":"2022-12-30T13:14:14","guid":{"rendered":"http:\/\/worldjusticenews.com\/news\/?p=24256"},"modified":"2022-12-30T08:14:14","modified_gmt":"2022-12-30T13:14:14","slug":"twitter-in-data-protection-probe-after-400-million-user-details-up-for-sale","status":"publish","type":"post","link":"https:\/\/worldjusticenews.com\/news\/2022\/12\/30\/twitter-in-data-protection-probe-after-400-million-user-details-up-for-sale\/","title":{"rendered":"Twitter in data-protection probe after &#8216;400 million&#8217; user details up for sale"},"content":{"rendered":"<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\"><b class=\"ssrcss-hmf8ql-BoldText e5tfeyi3\">A watchdog is to investigate Twitter after a hacker claimed to have private details linked to more than 400 million accounts.<\/b><\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">The hacker, &#8220;Ryushi&#8221;, is demanding $200,000 (\u00a3166,000) to hand over the data &#8211; reported to include that of some celebrities &#8211; and delete it.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">Ireland&#8217;s Data Protection Commission (DPC) says it &#8220;will examine Twitter&#8217;s compliance with data-protection law in relation to that security issue&#8221;.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">Twitter has not commented on the claim.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">The data is said to include phone numbers and emails, including those belonging to celebrities and politicians, but the purported size of the haul is not confirmed. Only a small &#8220;sample&#8221; has so far been made public.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\"><a class=\"ssrcss-k17ofw-InlineLink e1no5rhv0\" href=\"https:\/\/www.theguardian.com\/technology\/2022\/dec\/28\/cybersecurity-firm-links-piers-morgan-twitter-hack-to-leak-of-400-million-records-including-scott-morrisons\" target=\"_blank\" rel=\"noopener\">The Guardian reported<\/a>\u00a0that data of US Congresswoman Alexandria Ocasio-Cortez was included in the sample of data published by the hacker. The data of broadcaster Piers Morgan, who recently had his Twitter account hacked, is also reported to be included.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">Twitter has so far not responded to press inquiries about the claimed breach.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">Chief executive Elon Musk did not reply to a tweeted request for comment from leading cyber-security reporter Brian Krebs &#8211; though the breach, as Mr Krebs notes, probably occurred before the Tesla boss took over.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">Hey <a href=\"https:\/\/twitter.com\/elonmusk?ref_src=twsrc%5Etfw\">@elonmusk<\/a>, since you don&#8217;t seem to have much a media\/comms team anymore, can you address the apparently legitimate claim that someone scraped &amp; is now selling data on hundreds of millions of Twitter accounts? Maybe it didn&#8217;t happen on your watch, but you owe Twitter a reply.<\/p>\n<p>\u2014 briankrebs (@briankrebs) <a href=\"https:\/\/twitter.com\/briankrebs\/status\/1607848771777630209?ref_src=twsrc%5Etfw\">December 27, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">Cyber-crime intelligence company Hudson Rock says it was the first to raise the alarm about the data sale.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">While acknowledging the amount of data taken had not been verified, the firm&#8217;s chief technology officer, Alon Gal, told the BBC a number of clues appeared to support the hacker&#8217;s claim.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">The data did not appear to have been copied from an earlier breach in which details were published from 5.4 million Twitter accounts, Mr Gal said.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">Only 60 emails out of the sample of 1,000 provided by the hacker in the earlier incident appeared, &#8220;so we are confident that this breach is different and significantly bigger&#8221;, he said.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">Also, Mr Gal noted: &#8220;The hacker aims to sell the database through an escrow service that is offered on a cyber-crime forum. Typically this is only done for real offerings.&#8221;<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">An escrow service is a third party that agrees to release funds only when certain conditions (such as handing over data) are met.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-dm4ypg-ComponentWrapper-HeadlineComponentWrapper egtrm1f0\" data-component=\"subheadline-block\">\n<h2 id=\"Multimilliondollar-question\" class=\"ssrcss-y2fd7s-StyledHeading e1fj1fc10\" tabindex=\"-1\"><span role=\"text\">Multimillion-dollar question<\/span><\/h2>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">&#8220;Ryushi&#8221; has\u00a0<a class=\"ssrcss-k17ofw-InlineLink e1no5rhv0\" href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/hacker-claims-to-be-selling-twitter-data-of-400-million-users\/\" target=\"_blank\" rel=\"noopener\">said that it exploited a problem<\/a>\u00a0with a system that lets computer programmes connect with Twitter to compile the data.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">Twitter fixed the weakness in the system in 2022. But the flaw is also believed to have been used in the earlier breach affecting more than five million accounts.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">The DPC\u00a0<a class=\"ssrcss-k17ofw-InlineLink e1no5rhv0\" href=\"https:\/\/dataprotection.ie\/en\/news-media\/data-protection-commission-launches-inquiry-twitter-concerning-datasets\" target=\"_blank\" rel=\"noopener\">announced it was investigating<\/a>\u00a0that earlier breach on 23 December.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">As Twitter&#8217;s European headquarters are based in Dublin, the commission is the lead authority supervising its compliance with EU data-protection rules.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">In a statement sent to the BBC about the latest incident, the DPC noted its continuing investigation into the earlier Twitter breach but added: &#8220;Reports have claimed that some additional datasets have now been offered for sale on the dark web.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">&#8220;The DPC has engaged with Twitter in this inquiry and will examine Twitter&#8217;s compliance with data-protection law in relation to that security issue.&#8221;<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">The hacker is aware of how damaging the loss of data can be for platforms.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">In the online post offering to sell the data, it warns Twitter that its best chance of avoiding a large data-protection fine is to buy back the data &#8220;exclusively&#8221;.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">In November, Meta was hit with\u00a0<a class=\"ssrcss-k17ofw-InlineLink e1no5rhv0\" href=\"https:\/\/www.bbc.co.uk\/news\/world-europe-63786893\" target=\"_blank\" rel=\"noopener\">a 265m-euro ($276m) fine by the DPC<\/a>\u00a0after data scraped from more than 533 million Facebook users was leaked online.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">The UK Information Commissioner&#8217;s Office (ICO) told the BBC that it was aware of &#8220;media reports&#8221; regarding Twitter user&#8217;s personal information being made available on the internet.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">&#8220;We are engaged in dialogue with Twitter&#8217;s data protection officer and will be making enquiries on this matter,&#8221; it said.<\/p>\n<\/div>\n<\/div>\n<div class=\"ssrcss-11r1m41-RichTextComponentWrapper ep2nwvo0\" data-component=\"text-block\">\n<div class=\"ssrcss-7uxr49-RichTextContainer e5tfeyi1\">\n<p class=\"ssrcss-1q0x1qg-Paragraph eq5iqo00\">It added that it would co-operate with the Data Protection Commission of Ireland.<\/p>\n<p>Source: <a href=\"https:\/\/www.bbc.co.uk\/news\/technology-64109777\" target=\"_blank\" rel=\"noopener\">bbc.co.uk<\/a><\/p>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<div class=\"mh-excerpt\">A watchdog is to investigate Twitter after a hacker claimed to have private details linked to more than 400 million accounts. The hacker, &#8220;Ryushi&#8221;, is demanding $200,000 (\u00a3166,000) to hand over the data &#8211; reported <a class=\"mh-excerpt-more\" href=\"https:\/\/worldjusticenews.com\/news\/2022\/12\/30\/twitter-in-data-protection-probe-after-400-million-user-details-up-for-sale\/\" title=\"Twitter in data-protection probe after &#8216;400 million&#8217; user details up for sale\">[&#8230;]<\/a><\/div>\n","protected":false},"author":1,"featured_media":24257,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"pmpro_default_level":"","footnotes":""},"categories":[109,2,3],"tags":[2936,9023,9022,2557],"class_list":{"0":"post-24256","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-headline","8":"category-news","9":"category-usa","10":"tag-hacking","11":"tag-ireland-data-protection-commission","12":"tag-ryushi","13":"tag-twitter","14":"pmpro-has-access"},"_links":{"self":[{"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/posts\/24256","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/comments?post=24256"}],"version-history":[{"count":2,"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/posts\/24256\/revisions"}],"predecessor-version":[{"id":24259,"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/posts\/24256\/revisions\/24259"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/media\/24257"}],"wp:attachment":[{"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/media?parent=24256"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/categories?post=24256"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/worldjusticenews.com\/news\/wp-json\/wp\/v2\/tags?post=24256"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}