Leaked Source has added 32,888,300 records of Twitter users to its repository of leaked data. The source of the batch is a user who goes by the alias “Tessa88@exploit.im,” who’s been selling the data on a dark web marketplace for 10 bitcoins (around $5,800).
The records contain combinations of email address, a username, sometimes a second email and a visible, plaintext password.
The Leaked Source team believe that the data legitimately belongs to Twitter users, but say that they do not believe it was stolen from Twitter’s own databases. Instead, they think the batch was compiled by using data stolen by malware.
“The join dates of some users with uncrackable (yet plaintext) passwords were recent. There is no way that Twitter stores passwords in plaintext in 2014,” they noted. “There was a very significant amount of users with the password ‘
Michael Coates, Trust and Info Security Officer at Twitter, said that they have investigated reports of Twitter usernames/passwords on the dark web, and that they are confident that their systems have not been breached.
He also added that they hash all user passwords with bcrypt before storing them.
They are trying to obtain the data batch in order to take steps to protect affected users. In the meantime, they have also been checking recently leaked passwords (LinkedIn, Tumblr, etc.) against their own users’ data, in order to keep their accounts safe.
News of this latest data batch made many assume that it was what made the compromise of Mark Zuckerberg’s Twitter account possible, and not the fact that he used the same password on his LinkedIn, Twitter and Pinterest accounts.
But Leaked Source says that Mark Zuckerberg’s account credentials are not in this data set.
An analysis of the top email domains contained in the batch revealed that there were six Russian ones in the top ten.
“Clearly Russian consumers download bad things,” the Leaked Source team commented.