The hacker named “Ryushi” disclosed how he stole data from 400 million Twitter accounts through Breached, a site used to sell stolen user data. Ryushi asks Elon Musk and Twitter for $200,000, but does the tycoon really have to pay that amount?
Before answering the question, let’s get to know a little about how this hacker managed to steal the data. In 2021, he took advantage of a vulnerability in the API in Twitter, which facilitated the leak of the information of about 5.4 million accounts in January of this 2022. The error that Ryushi took advantage of allowed the sending of telephone numbers and email addresses for retrieve the associated ID.
The data obtained has initially been for sale, although it was later made available to any user free of charge.
So, does Elon Musk have to pay for that data?
Elon Musk will have to buy user data for $200,000, otherwise he would have to pay a fine in accordance with the privacy laws of the General Data Protection Regulation (GDPR) in Europe. The GDPR fine would be $276 million, according to information from Xataka.
Ryushi has proven the veracity of the data leak by posting a few accounts he has information about, including SpaceX, Shawn Mendes, Donald Trump, Vitalik Buterin, Charlie Puth, Linus Tech Tips, Steve Wozniak, Sundar Pichai, Neil deGrasse Tyson, Gerard Piqué, among others.
Ryushi told BleepingComputer that he is waiting for Twitter to buy the data, and once the payment is made, he will delete it. In case Elon Musk does not buy the data, he will sell it to several people for 60 thousand pesos each.
Ryushi owns public and private user data such as email addresses, names, users and followers, as well as creation dates and phone numbers. According to cybersecurity firm Hudson Rock, the data does appear to be legitimate.
Editorial Team The editorial team of EMPRENDEDOR.com, which for more than 27 years has worked to promote entrepreneurship.