Malicious actors stole the data of 235 million users, making them vulnerable to various attacks, a cyber expert has said.
Data from more than 200 million Twitter accounts has been leaked and posted by hackers on an online forum, a security analyst said on Wednesday.
In a post on LinkedIn, Alon Gal, the co-founder of Israeli cybersecurity firm Hudson Rock, revealed that the leak “contains 235,000,000 unique records of Twitter users and their email addresses.”
Describing the incident as “one of the most significant leaks I’ve seen,” Gal noted that this data “will unfortunately lead to a lot of hacking, targeted phishing, and doxing.”
According to the analyst, the breach will enable hackers to target Crypto Twitter accounts and crack profile pages belonging to prominent public figures and politicians.
“It goes without saying that agencies around the world will use this database as well to further harm our privacy,” Gal claimed.
Earlier, the analyst linked this apparent Twitter breach to the hacking of accounts pertaining to Canadian businessman Kevin O’Leary and UK broadcaster Piers Morgan.
The first reports of a major personal information leak date back to late December, when Gal, citing an “apparently credible threat actor,” said that hackers had stolen the data of around 400 million Twitter users. At the time, the malicious actors stated that data was obtained up to early 2022 due to an exploit in Twitter. According to Gal, the hackers also made an offer to Twitter CEO Elon Musk to buy the leaked records to avoid lawsuits.
Later, the researcher lowered the estimated number to 235 million, adding, however, that the database, which is “real and has an impact on almost every Twitter user,” is being circulated by more than one actor.
The social media platform has yet to comment on the reported breach. However, this comes after Twitter said in August 2022 that it had discovered a vulnerability in its system that allowed potential malicious actors who already had an email address or phone number to find any account that had shared that information with the platform.
At the time, Twitter added that in July, it learned that someone could have potentially used this loophole through a press report. Earlier, hackers were spotted selling private information from more than 5.4 million Twitter accounts.