A self-proclaimed data enthusiast calling themselves ‘ThinkingOne’ has made a huge database containing 201 million pieces of user data from X freely available. The data is said to have come from two previous leaks and includes email addresses, locations and profile data of users of the social media platform.
So what is that, like 6 or 7 people?
A sock for every puppet.
It also includes the people that deleted their Twitter accounts following the acquisition. I’m one of those people and I’m especially annoyed because I only used that blasted app only to register to some giveaways when I was in middle school. I have since discontinued that email account, but still.
If it had happened now, that figure might be accurate. However, this was originally exploited in 2022, so it’s probably pretty bad.
Bluesky people why are people still using Twitter? :)
Mastodon is much better and resistant to enshittification. Bluesky is not federated or decentralized.
Bluesky will be in the same boat given enough time. Mastodon is the only proper stand-in for twitter.
I’ve been on mastodon for 8 years and it’s ok but it can’t catch the masses. It has been paralyzed from advancing by a vocal minority.
It shouldn’t take 6 years to get search and quote posts. They also need optional algorithmic feeds.
100% agree. The user experience of Mastodon is unappealing for the masses. Bluesky will enshittify for sure, but it’s the only real replacement for Twitter nowadays.
This vulnerability made it possible to collect user data simply by knowing someone’s email address or phone number.
Another example of where it pays off to have separate email addresses/aliases for every website/service you use.
I think it pays even more to not use X
That’s re-victimization. People do people stuff, like using social networks. Furthermore, the database probably goes as far as previous to being bought, enshittified and renamed by Musk. So… you’re not being fair.
The actual data compromise happened sometime before July 2022, months before Elon’s purchase of Twitter happened. Telling people they shouldn’t have registered their real phone numbers to Twitter in 2015 or whatever isn’t really a helpful argument to make today.
I’m fairy sure the guy above said “use X” not use social media. X is a particularly shitty platform.
Wait, so you literally have hundreds of accounts? How do you manage them all?
Yes, and Bitwarden+SimpleLogin. Bitwarden to keep track of login info including the alias that is used for that site. SimpleLogin is where the aliasing is actually handled, they have a decent UI for enabling/disabling or generating reverse aliases (for outgoing emails) when needed.
It does take a little more effort to manage it, but it’s worth the payoff. I’ve been using this setup for about 9 months now and I finally got my first spam email a week ago. I looked at the address it was sent to, it was an alias I used at a site I ordered something from about 6 months ago. I sent them a message letting them know that either someone at their company is selling customer info to scammers or their database has been leaked, then I shut off the alias. No more spam.
I sent them a message letting them know that either someone at their company is selling customer info to scammers or their database has been leaked, then I shut off the alias.
🫡
I use addy.io
Proton Pass has a feature exactly for that. You can create unlimited number of aliases, and kill ones that bacame compromised.
My email provider allows for unlimited aliases. So, while I have 600+ email addresses, emails to them all end up in the same mailbox.
The accounts for all the websites and services (with their specific email address) are in a KeePass database and they all have random passwords, too.
The only small issue is when you have to contact support of some service. Then, I have to configure the specific email address in my client so they can match that to my account with them. But most email clients allow multiple sender addresses without having to fiddle with the rest of the settings.
Password manager plus an emailing alias service. Protonpass integrates with SimpleLogin but there’s also ones like Firefox relay and anomaly (all open source)
Thanks, though do you have a link for Anomaly? I can’t seem to pull up anything.
How many of them are Elmo’s alt-accounts?
Yes
Anyone know where these files where originally posted?
I would like to know this too but all I see is many variations of the same joke in this comment section.
I was just about to ask. I know that there was a clearnet site for data breaches but that’s since been taken by the DOJ.
I imagine there’s an onion site but my onion experience is very little to know where to even begin to look. My searches on torch found very little.
You mean “Have I been pwned”?
No that’s for checking if your data has been breached. I want the full data set.
Quick everyone do their banking on it!
That’s like, 400 actual non-bot accounts. Nobody is safe anymore!
I think they mean 10 million users, 30 million abandoned accounts, and 160 million bots.
Seems like a dedicated person might be able to prove that. Go through the available data and see what % of leaked accounts actually point to a real person, or even a unique person. If it’s mostly bots you’d see that pretty quick
Check how many accounts pushing republican propaganda only post during St. Petersburg business hours… 🙃
lol
Or this could be publicity stunt “look how many users we have, many users, beutifull users like never before, nobody knew how many users as there”.
This is why I gtfo when Elon took over. I knew something like this would happen.
Exactly this. We knew that everything would get shaky after he fired all those people and a data leak is the consequence
Removed by mod
lmaoooo
Thoughts and prayers
Fucking heros
