Twitter is under investigation by Ireland’s Data Protection Commission (DPC) as the watchdog is determining any possible privacy violations after Twitter’s API setup reportedly leaked details of over “400 million” accounts.
The names, email addresses, and phone numbers of millions of users were allegedly obtained by hackers and are now for sale amongst hacker communities.
The hacker claims to have private details linked to what they say is more than 400 million accounts.
The hacker, “Ryushi,” is asking for $200,000 to hand over the data. The details were first reported by cybersecurity firm Hudson Rock.
It is believed that the data was stolen from a third-party who had access to it as part of their work for Twitter.
The UK Information Commissioner’s Office (ICO) is also investigating whether Twitter has taken appropriate steps to protect users’ data.
In 2019, Twitter’s CEO Jack Dorsey was himself hacked, causing Twitter to change its settings and allow users to delete their phone numbers from the platform. However, new Twitter CEO Elon Musk is requiring Twitter Blue subscribers to have a phone number attached to their account for verification purposes.
The social media platform said it is investigating and taking steps to protect its users.