In August, Twitter came forward and admitted a vulnerability had been exploited by a third party to obtain user data. They have confirmed that 5.4 million users’ data had been maliciously collected. Recently (November 24th 2022), the database of 5.4 million accounts has now been made available on a popular hacking forum for free.
These records contain either a private email address or phone number, and public scraped data, including the account’s Twitter ID, name, location, etc.
As this data can be potentially used for targeted phishing attacks to gain access to login credentials, it is essential to scrutinize any email that claims to come from Twitter.
Please also:
- Routinely change your passwords and ensure your passwords are complex in nature.
- Do not re-use your passwords for other online accounts.
- Do not provide your login credentials to anyone or any other websites but Twitter.
- Monitor the “Apps and Sessions” and “Account History” for suspicious behaviour.
If you would like further information regarding the breach and steps to protect your account, please read the full article at CISO Corner.
If you have any questions or concerns regarding the incident, please feel free to contact our IT Support team on +61 (2) 67735000, servicedesk@une.edu.au.