Twitter data leak have been in the spotlight since Elon Musk acquired the company. In December 2022, someone claimed to have a collection of 400 million Twitter account data, including user emails and phone numbers. Recently, a database claiming to contain over 200 million Twitter users’ data surfaced online and again made the platform a target for public criticism. However, Twitter says it found no evidence that the recent leak was due to the exploitation of its systems.
As per the latest reports, the alleged database probably contains data leaked from Twitter servers in 2021. “The data is likely a collection of data already publicly available online through different sources,” Twitter noted.
Recent Twitter data leak roots back to its vulnerabilities in 2021
The company also says none of these datasets contained passwords or any other information that could allow hackers to comprise users’ passwords. Of course, email addresses can still help hackers to target specific users. The latest reports also indicated that the platform still hasn’t fixed its API vulnerability that enables hackers to retrieve a Twitter account through phone number and email address.
BleepingComputer has shared a screenshot of those datasets containing email addresses, real names, follower counts, and account creation dates. The outlet says it could validate many of the emails listed there. The database is now for sale for only $2.
The creator of Have I Been Pwned website Troy Hunt also says he could find 211,524,284 unique email addresses in the database. You can enter your email address to his website to see if your email address was included in the database.
According to The Washington Post, hackers in 2021 could find a glitch in Twitter systems that allowed them to enter email addresses and check if it’s linked to a Twitter account. In August 2022, the company disclosed the issue and fixed it in January. While Twitter claimed no one had taken advantage of the leak, there were numerous reports about the Twitter database for sale in July 2022.
Twitter has laid off thousands of its employees under Elon Musk, including some of its security experts. The company even doesn’t have a functioning press office. Not having a strong security team will make the platform extremely vulnerable against future threats. The EU and FTC are now investigating Twitter over massive data breaches.