A security researcher on Wednesday
reported that over 200 million email
addresses of Twitter users were stolen and
posted on an online hacking forum after
the website was hacked.
Alon Gal, co-founder of Israeli
cybersecurity-monitoring firm Hudson
Rock posted about the leak on LinkedIn
saying that the database contains
235,000,000 unique records of Twitter
users and their email addresses and that
this will lead to a lot of hacking, targeted
phishing, and doxxing. He also mentioned
that it was one of the most significant leaks he had seen. He mentioned that the leak will lead to multiple problems. The hackers can use the information to:
1. Target Crypto Twitter accounts (.eth in
name or other methods)
2. Hack into high profile accounts (follower
count or otherwise)
3. Hack into “OG” accounts with good
4. Hack into political accounts
5. Doxx “anonymous” accounts that didn’t
use a dedicated email for Twitter
He also mentioned it was obvious that
agencies around the world will use this
database as well to further harm people’s privacy.
It should be noted that there were no clues
to the identity or location of the hacker or
hackers behind the breach. It may have
taken place as early as 2021, which was
before Elon Musk took over ownership of the company last year. Last month, a hacker claimed to have stolen the data of nearly 400 million Twitter users and put it up for sale on the
The data, including email address, name, screen name/username, account creation date and follower count was offered for 8 forum credits on a famous hacker forum, that amounts to $200,000.
It was observed that the count of
compromised records was found to be over 200 million as compared to the announcement made on December 23, 2022 stating that 400 million records were gathered, “the reason being the presence of duplicate records.
A major breach at Twitter may interest
regulators on both sides of the Atlantic. The Data Protection Commission in Ireland, where Twitter has its European headquarters, and the U.S. Federal Trade Commission have been monitoring the Elon Musk-owned company for compliance with European data protection rules and a U.S. consent order respectively.
(With inputs from IANS)