Irish privacy watchdog investigates Twitter data breach of 5.4 million users
The Irish privacy watchdog Data Protection Commission has launched an investigation into a data breach at Twitter. In addition, the email addresses and telephone numbers of around 5.4 million users have been exposed by hackers.
DPC investigates whether Twitter has violated some provisions of the GDPR with the data breach of ‘one or more data sets’. If this turns out to be the case, the watchdog can fine the social media company. Fines for violating these types of privacy rules amount to a maximum of four percent of annual turnover.
The data breach occurred before the acquisition of Tesla CEO Elon Musk at the end of October. Earlier this year, Twitter users’ personal information was offered for sale on a hacking forum for $30,000. The data was obtained via an API vulnerability, which was patched by Twitter in January.
In addition, security expert Chad Loder revealed that even more personal data may have been collected using the previously fixed API bug, such as account names, bios, screen names, Twitter IDs, and verification badges.