Cyber Incident Victim: Twoo.com
Date:
Dec 2020
Location:
United States of America
Summary
A data breach broker marketed stolen user records from 26 companies, including Twoo.com, on a hacker forum, collectively exposing approximately 368.8 million records. The platform, listed under its parent entity Netlog.com, had 53 million user records compromised and sold as part of this incident, which was previously disclosed among other historical breaches. The broker monetized datasets from both newly exposed and previously breached entities, though specific details regarding Twoo.com's data types or exploitation were not elaborated in available reports.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On December 31, 2020, BleepingComputer reported a data breach broker advertising stolen user records from twenty-six companies on a hacker forum, totaling 368.8 million compromised accounts. Among these was Netlog.com (operating as Twoo.com), with 53 million user records listed for sale alongside other major platforms like Juspay.in (100 million records) and Pizap.com (60 million records). The Twoo.com breach had been previously disclosed through a separate incident where a hacker marketed 550 million records across multiple platforms, indicating this was part of an ongoing resale of historical data. The broker's forum post did not specify pricing for Twoo.com's dataset, unlike newer breaches such as Teespring.com ($3,800-$4,000) or MyON.com ($2,800), suggesting it was part of a consolidated offering of older breaches. The article confirmed that eight companies in the listing represented newly disclosed breaches, while eighteen—including Twoo.com—had existing public disclosures, though the exact timeline of Twoo.com's original compromise remained unspecified in this report.
The incident impacted 53 million Twoo.com users, with no updated details on the nature of the exposed data or the company's response specific to this resale event. Broader context from prior reporting indicated Twoo.com's parent company, Netlog, had experienced a breach involving email addresses, passwords, and other personal information, which threat actors later monetized through dark web markets. In the December 2020 broker listing, no companies beyond MyON and Chqbook provided fresh statements; MyON acknowledged a July 2020 breach but downplayed its severity, while Chqbook denied any compromise. Twoo.com did not issue new public remarks regarding this resale activity, and BleepingComputer's outreach to unreported companies yielded limited responses. Historical patterns suggested that resold data from platforms like Twoo.com often fueled credential-stuffing attacks and phishing campaigns, as observed with Teespring users receiving malicious emails post-breach. The article advised users of all affected platforms—including Twoo.com—to reset passwords and avoid credential reuse, though no unique remediation steps were confirmed for Twoo.com beyond these general precautions.