Connect with us

News

Twitter data breach exposes millions of email addresses

Users’ email and phone numbers have been leaked after the vulnerability.

Twitter logo on blurred background
Image: KnowTechie

Twitter warned of an API vulnerability in August but said there was “no evidence” of a data breach. That’s no longer the case.

A new report from BleepingComputer confirms that user records stolen from that breach are now available for free on a hacking forum.

BleepingComputer explains that the breach occurred in December 2021. Threat actors sold the information in July on a hacking forum for $30,000.

The majority of the data acquired in the vulnerability was public. Things like Twitter IDs, names, login names, and other public information were easily accessible through the API vulnerability.

However, the breach also surfaced private information, such as email addresses and phone numbers. That information was subsequently sold, as it could be used for phishing and other scams.

https://twitter.com/murphtracks/status/1596161039460339712

And now a leaker has dumped all that private information on another hacking forum for free. That’s 5.4 million Twitter profiles whose email addresses and phone numbers are now free to hackers.

Another much larger data breach was allegedly created thanks to the same vulnerability.

Chad Loder, a security expert, recently posted evidence of a “massive Twitter data breach” on Mastadon. (They originally posted on Twitter, but Twitter banned them shortly after for unknown reasons).

Chad loder mastodon post about twitter
Screenshot: KnowTechie

This breach comes from the same vulnerability. Though BleepingComputer confirmed with the original leaker that another threat actor was responsible for this particular dump.

This time, the breach supposedly contains more than 17 million records broken up by country and area codes. That could leave tons more people vulnerable to harm from phishing scams.

Be wary if you get any emails regarding your Twitter account in the future. Be sure not to share any information unless you are absolutely sure the source is reputable. And go ahead and update your passwords.

Have any thoughts on this? Carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Follow us on Flipboard, Google News, or Apple News

Staff writer at KnowTechie. Alex has two years of experience covering all things technology, from video games to electric cars. He's a gamer at heart, with a passion for first-person shooters and expansive RPGs. Shoot him an email at alex@knowtechie.com

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Deals of the Day

More in News