Hackers have obtained data from nearly 33 million Twitter accounts, including email addresses, usernames and visible passwords. The social network said that it has not been hacked, all data has been directly obtained from users. The most used password is still “123456”, followed by “123456789.”

The data filtration was confirmed onWednesday by Leaked Source, which has received a copy of 32,888,300 Twitter records. The same website features a search engine for over 1.8 billion leaked records. The new information was sent by a user identified as “Tessa88@exploit.in.”

Hackers have obtained data from nearly 33 million Twitter accounts, including email addresses, usernames and visible passwords. Photo credit: PzFeed
Hackers have obtained data from nearly 33 million Twitter accounts, including email addresses, usernames and visible passwords. Photo credit: PzFeed

People can search for their users on Leaked Source to check if the new leak has compromised their data. The search engine is a paid service, although information can be removed from the list for free, under a request.

More than 10 percent of Twitter users have been affected by the new data leak. The social network has 310 million monthly active users. A company spokesperson said that usernames and credentials were not obtained from Twitter, according to Tech Crunch.

“We are confident that these usernames and credentials were not obtained by a Twitter data breach. In fact, we’ve been working to help keep accounts protected by checking our data against what’s been shared from recent other password leaks,” said the spokesperson.

Leaked Source believes that all credentials are real since it has already verified some accounts and passwords. The site said in a blog post that malware could have infected all the people on the list.

Malware could be responsible for the massive leak

Malware is capable of collecting usernames and passwords from web browsers such as Chrome and Firefox, which is sent to hackers. The site explained that many usernames appear in the leak with passwords like “<blank>” and “null.”

Some web browsers save passwords as “<blank>” when users decide to save their credentials without entering a password. According to Leaked Source, “the top email domains don’t match up to a full database leak,” so malware may have majorly affected Russians.

Leaked Source “triple checked” if Facebook CEO Mark Zuckerberg was included in the list, but did not find any information. Earlier on the week, the 32-year-old entrepreneur had his Twitter and Pinterest accounts hacked.

The site that has obtained the list of 32,888,300 Twitter accounts said it has tried to contact the social network but has not received any reply. “The lesson here? It’s not just companies that can be hacked,” added Leaked Source.

Michael Coates, Twitter’s trust, and information security officer, said that the company is investigating reports about accounts filtered on the dark web. He remarked that Twitter’s systems had not been hacked.

On early Thursday, Coates said that Twitter was already working with Leaked Source “to obtain info” and take security measures to protect users. The Twitter’s official support account said Monday it was checking data “against what has been shared from recent leaks.”

The most common password is still “123456”, although Mark Zuckerberg prefers “dadada.”

Most passwords obtained by hackers are displayed in plain text since they were stored in web browsers such as Google Chrome and Firefox. In other words, passwords are not encrypted. Subscribed Leaked Source users are allowed to see the first three digits of passwords.

Users can pay $0.76 per day, to check it they if their data is part of the leak, although they can request the removal of their data for free. The site has also published a table, featuring the most common passwords used by Twitter users.

The number one choice is still “123456”, followed by “123456789,” “qwerty” and “password,” those passwords combined account for nearly 200,000 users. A list of emails featured in the database shows that Russians were the most affected.

There are five million accounts using @mail.ru email domains, from the Russian company Mail,.ru. Other 4,7 million accounts are registered with @yahoo.com domains. Gmail occupies the fourth place with 3,3 million accounts.

The new leak comes during the same week that Facebook CEO Mark Zuckerberg was hacked on Twitter and Pinterest. According to The Wall Street Journal, he reused the password “dadada” on both social networks.

Zuckerberg’s password was found among a database of 100 million LinkedIn users, containing passwords and other information. During the last weeks, hackers have also published data from more than 360 million Myspace accounts.

Skepticism about the data leak

Troy Hunt, the creator of haveibeenpwned.com, told TechCrunch that he is skeptical about the supposed data leak from nearly 33 million Twitter accounts. He admitted having heard rumors during the last weeks about Twitter and Facebook breaches.  

“They may well be old leaks if they’re consistent with the other big ones we’ve seen and simply haven’t seen the light of day yet. Incidentally, the account takeovers we’ve seen to date are almost certainly as a result of credential reuse across other data breaches,” Hunt told TechCrunch.

Source: Leaked Source