An operation leveraging trojanized ISO files masquerade as legitimate Windows 10 Operating System installers on torrenting sites and stole information from users who downloaded the malicious code, according to Mandiant.
In August, Twitter confirmed that an API vulnerability fixed in January led to data exposure, but the company said there was “no evidence” that it was exploited. Now over 5.4 million stolen user information have been shared for free on a hacker forum. On top of that, a security researcher warned that there is an even larger data dump using the same.
While media companies have always been a prime target of hackers, they are not always set up to guard against insider threats or have the budgets to protect ever-expanding content operations.