Social Media Disease
There were two leaks reported on recently, sadly the actual leaks happened quite a while back. For Twitter users it seems that last July someone was selling information on millions Twitter users they had managed to collect. The leak was made possible thanks to a bug which allowed you to collect far more information than they should have by submitting phone numbers and email addresses into the API, which then provided the associated Twitter ID.
Considering how easy it is to generate lists of numbers and email addresses, that was perhaps not the brightest thing to program into the app. While most of the information gleaned via the hack would already be publicly available, the vulnerability did disclose some personal data which would allow harassment to spread beyond the web. The data associated with the original 5.4 million accounts are available for free, an additional 1.4 million Twitter profiles are available at cost and Bleeping Computer was told there is a far larger database created using the same bug is also available for those who will pay for it.
If that wasn’t enough to cheer up your Monday, remember last year when it turned out personal information of 533 million Facebook users was discovered for sale? Meta just received a slap on the wrist from Ireland, thanks to the EU’s GPDR laws. While the fine might be the third largest handed out under the GPDR, $277 million (€265 million) does not seem like all that much compared to the amount of money Meta makes off of it’s users.
