X

Personal data for Twitter founders leaked on Tor network

The names, addresses, and SSNs for Twitter founders and CEO are published to the "hidden" Internet, possibly in retaliation for account suspensions.

Zack Whittaker Writer-editor
Zack Whittaker is a former security editor for CNET's sister site ZDNet.
Zack Whittaker
2 min read

darknet2-v1-620x466.jpg
Screenshot: ZDNet/CNET via Rift Recon

The names, addresses, and Social Security numbers of a handful of staff at Twitter -- past and present -- have been leaked on the so-called "hidden" Internet, according to researchers.

According to the researchers, the leaked details included data on Twitter co-founders' Jack Dorsey, Evan Williams, and Noah Glass, along with incumbent chief executive Dick Costolo. Their full 9-digit Social Security numbers were published. In some cases, cell phone numbers, dates of birth, and previous postal addresses were published as well.

It's not clear where the data came from. However, at the top of the page, it suggested the release of the information was in retaliation for suspending a number of accounts on the microblogging service.

"Twitter suspended @doxbin for 'excessive mentions' and then refused to provide any support via the ticket system for the account," it read.

Perhaps what's more interesting is that this wasn't published -- to our knowledge -- on the public, searchable Web.

The site where this data was found was on a "darknet" site, used by Tor, the anonymous browsing network, which is not searchable by companies like Google or Microsoft. While most search engines remove illegal content, what they can't find they can't do much about.

According to security research firm Rift Recon, which first published the details of this breach: "This practice reduces the ability for you to find out that someone stole or leaked your Social Security Number on a carding forum or a Pastebin-like site: in this climate, only the bad guys know where to go."

The research firm, which specializes in resolving issues related to the darknet, said as take-down requests become more common and routine for search engines, many are taking to Tor-based websites, otherwise known as ".onion" sites, to prevent the information from being yanked from the Web.

"The Darknet adds layers of complexity to anything related to discovery," the research firm wrote, noting that the wider Darknt's growth is "explosive."

An estimated 80,000 to 600,000 sites exist on the .onion address space, with as many as 2.5 million users of the service.

Following the Edward Snowden disclosures last year, that figure rocketed as privacy-conscious users took to masking their online activity -- knowing full well that the U.S. National Security Agency could not fully crack the anonymizing Internet service.

We reached out to Twitter but did not hear back at the time of publication.

This story was first published as "Twitter co-founders', CEO's personal data leaked on 'darknet'" on ZDNet.