Ireland’s Data Protection Commission (DPC) has announced that it will investigate a potential data breach at Twitter that may have affected around 400 million users. The hack, claimed by an individual known as “Ryushi,” allegedly resulted in the theft of private information. This breach is linked to over 400 million Twitter accounts. This includes Twitter handles, usernames, email addresses, phone numbers, follower count, and other data. The hacker has reportedly advertised the sale of this information for a minimum of $50,000. Hackers also offered it directly to Twitter CEO Elon Musk for $200,000. The DPC will assess whether Twitter has complied with data protection laws concerning this security incident.
The Israeli cyber-crime intelligence company Hudson Rock has claimed that there has been a breach on Twitter. This includes breaches of phone numbers and emails of celebrities and politicians being leaked. Hudson Rock has stated that the data appears to be legitimate. The Irish authorities are investigating the social media platform for a previous breach. It is unknown if Twitter will cooperate with the authorities in this situation.
Dublin’s Data Protection Commission (DPC) is taking the news seriously. There was previously an attempt to sell the personal information of 5.4 million Twitter users on the dark web. The DPC announced on December 23 that it would launch a probe into Twitter’s response to this incident. It seems that the scope of the inquiry will take other factors too into consideration other factors too.
What’s there in the investigation?
The Irish Data Protection Commission (DPC) is launching an investigation into Twitter’s handling of a data breach that occurred through vulnerabilities in its API (Application Programming Interface) systems. While it is not clear how many users were affected by the exploit, reports have indicated that some additional datasets were being sold on the dark web. The DPC will also examine Twitter’s compliance with data protection laws concerning security issues. Additionally, the DPC has requested information from Twitter about the potential impact of the company’s recent layoffs, which affected more than half of its workforce, including members of its policy, safety, and privacy teams, on its ability to meet privacy obligations.
What’s the core concern?
The recent data breach at Twitter has caused significant concern for the company, as the hacker responsible for the attack appears to be fully aware of the potential consequences of data loss. In a message posted on a hacking forum, the threat actor specifically mentioned that Twitter is already facing repercussions from European authorities due to the breach. The Irish Data Protection Commission (DPC) monitors Twitter’s privacy practices in the European Union, as the company has its European headquarters in Ireland.
The DPC also oversees the privacy practices of other major tech companies with EU offices in Ireland, including Meta. The DPC previously fined Facebook’s parent company a significant amount for a leak of information from millions of users.
Clearly, the DPC takes data protection very seriously and is willing to take action against those who fail to adequately protect user data. The recent data breach at Twitter can potentially result in similar consequences for the company as the DPC, and other authorities investigate the incident.