A database with more than 32 million Twitter accounts has leaked to the network
Less than a week has passed since the discussion of the leak of the hundred millionth DB of Vkontakte social network accounts, which, however, turned out to be a base for 2012, another data injection occurred: this time, according to information received by LeakedSource , a base of 32,888 is available on the darknet 300 Twitter accounts.
The resulting database is stored in clear and heterogeneous: it may contain an email or user name and password, and in some cases there is also a second email address. According to the authors of the blog LeakedSource, the database was compiled with the help of malware, and not during the hacking of Twitter itself.
This is confirmed by the head of information security in Twitter itself:
The account base was provided by the user Tessa88@exploit.im, the same person that recently “leaked” the VK account base.
Below are the top 10 most frequently used passwords:
| No | Password | Frequency of use |
|---|---|---|
| one | 123456 | 120,417 |
| 2 | 123456789 | 32,775 |
| 3 | qwerty | 22,770 |
| four | password | 17.471 |
| five | 1234567 | 14,401 |
| 6 | 1234567890 | 13,799 |
| 7 | 12345678 | 13,380 |
| eight | 123321 | 13,161 |
| 9 | 111111 | 12,138 |
| ten | 12345 | 11,239 |
Top 10 email domains. As can be seen, a significant part of the stolen data belongs to users of the Russian-speaking segment. Mail users from mail.ru have become the most vulnerable to virus attacks. In addition, they even topped the list across the entire database, and in general, of the ten most popular domains, six are the .ru zone:
| No | Mail domain | Number of accounts |
|---|---|---|
| one | mail.ru | 5,028,220 |
| 2 | yahoo.com | 4,714,314 |
| 3 | hotmail.com | 4,520,434 |
| four | gmail.com | 3,302,205 |
| five | yandex.ru | 1,020,757 |
| 6 | aol.com | 586,661 |
| 7 | rambler.ru | 428,084 |
| eight | bk.ru | 374,855 |
| 9 | list.ru | 291,403 |
| ten | inbox.ru | 260,957 |
Also, the authors of the blog LeakedSource note that in the database there are 3022 addresses from the domain .gov (the domain of the US government).
The Twitter press service did not give any comments. However, on the support page in the microblogging service itself, a message appeared indicating that the administration had responded to the publication of personal data of their users and was conducting an audit.