235 million Twitter user data “exposed”
According to a cyber intelligence company, a database of approximately 235 million Twitter users was exposed on an online hacker forum in what is shaping up to be one of the largest data leaks ever recorded.
The data dump includes users’ names, e-mail addresses, screen names, number of followers, and account creation dates, as well as some phone numbers, according to Israel-based Hudson Rock.
The disclosure of the unique records will “unfortunately result in a great deal of hacking, targeted phishing, and doxxing,” the company said in a tweet. Doxxing is the online disclosure of private information about a person or organization.
CyberNews was the first to report the news, stating that the affected database was approximately 63GB in size.
In addition, the new leak was attributed to the same group that advertised the sale of the information of approximately 400 million Twitter users on the same online forum in early December. These included handles, user names, e-mail addresses, and telephone numbers, with prices reaching up to $200,000 each.
This is one of the most significant leaks in history, according to Hudson Rock. It is also unknown whether any passwords were compromised, and the possibility that the information was shared privately cannot be ruled out.
Twitter database leaks for free with 235,000,000 records.
The database contains 235,000,000 unique records of Twitter users and their email addresses and will unfortunately lead to a lot of hacking, targeted phishing, and doxxing.
This is one of the most significant leaks ever. pic.twitter.com/kxRY605qMZ
— Hudson Rock (@RockHudsonRock) January 4, 2023
In response to Hudson Rock’s tweet, a user posed a question to Twitter CEO Elon Musk regarding the authenticity of the breach. Mr Musk or Twitter has not responded as of the time of publication.
The breach is the most recent in a series of cybersecurity issues that the microblogging platform has encountered over the past year, and the second in less than a month.
If confirmed by Twitter, this would rank among the top 15 largest data breaches to date, according to cybersecurity firm UpGuard’s rankings.
It will not, however, surpass a data breach that Twitter experienced in 2018 when a password bug exposed the accounts of approximately 330 million users.
Citing a software vulnerability, Twitter confirmed in August a data breach that exposed the information of approximately 5.4 million of its users in July.
The hack “allowed someone to enter a phone number or email address into the log-in flow in an attempt to determine whether or not that information was associated with an existing Twitter account and, if so, which account,” the company said at the time.
It also adds to the lingering problems at the San Francisco-based company, which has endured a turbulent period since Mr Musk became its owner last year after purchasing it for $44 billion.
Hudson Rock did not identify the online forum that hosted Wednesday’s data dump, but it has been reported that the forum that hosted the December ad was a site known as Breached, which regularly posts and sells stolen data.