A security researcher on Wednesday reported that over 200 million email addresses of Twitter users were stolen and posted on an online hacking forum after the website was hacked.
Alon Gal, co-founder of Israeli cybersecurity-monitoring firm Hudson Rock posted about the leak on LinkedIn saying that the database contains 235,000,000 unique records of Twitter users and their email addresses and that this will lead to a lot of hacking, targeted phishing, and doxxing. He also mentioned that it was one of the most significant leaks he had seen.
He mentioned that the leak will lead to multiple problems. The hackers can use the information to:
1. Target Crypto Twitter accounts (.eth in name or other methods)
2. Hack into high profile accounts (follower count or otherwise)
3. Hack into “OG” accounts with good usernames
4. Hack into political accounts
5. Doxx “anonymous” accounts that didn’t use a dedicated email for Twitter
He also mentioned it was obvious that agencies around the world will use this database as well to further harm people’s privacy.
It should be noted that there were no clues to the identity or location of the hacker or hackers behind the breach. It may have taken place as early as 2021, which was before Elon Musk took over ownership of the company last year.
Last month, a hacker claimed to have stolen the data of nearly 400 million Twitter users and put it up for sale on the dark web.
The data, including email address, name, screen name/username, account creation date and follower count was offered for 8 forum credits on a famous hacker forum, that amounts to $200,000.
It was observed that the count of compromised records was found to be over 200 million as compared to the announcement made on December 23, 2022 stating that 400 million records were gathered, “the reason being the presence of duplicate records.
A major breach at Twitter may interest regulators on both sides of the Atlantic. The Data Protection Commission in Ireland, where Twitter has its European headquarters, and the U.S. Federal Trade Commission have been monitoring the Elon Musk-owned company for compliance with European data protection rules and a U.S. consent order respectively.
(With inputs from IANS)