Twitter Hacked, 23.5 Crore Users’ Email Addresses Leaked
Hackers stole more than 20 crore Twitter users’ email IDs & uploaded them on a hacking site. This data breach led to lots of hacking, targeted phishing & doxxing.
According to a security researcher, hackers obtained the email addresses of more than 20 crore Twitter users and exposed them on a hacking platform online on Wednesday.
Alon Gal, co-founder of Israeli cybersecurity-monitoring company Hudson Rock, wrote on LinkedIn that the breach “will regrettably result in a lot of hacking, targeted phishing, and doxxing.” One of the biggest spills I’ve ever seen, he said.
Gal first discussed the report on social media on December 24, but since then, neither Twitter nor enquiries regarding the breach have received any comments. What steps, if any, Twitter has done to look into or fix the problem are unclear.
Reuters was unable to independently confirm that the information on the forum was real and originated from Twitter.
Online users have been sharing screenshots of the hacker forum where the information first surfaced on Wednesday.
After viewing the exposed data, Troy Hunt, the founder of the breach notification website Have I Been Pwned, commented on Twitter that it appeared to be “very much what it’s been described as.”
The identification or location of the hacker or cybercriminals responsible for the intrusion was unknown. Before Elon Musk acquired control of the business last year, in 2021, that might have happened.
At first, there were conflicting reports regarding the magnitude and scope of the breach, with early reports in December claiming that 400 million email ids and contact numbers were stolen.
A significant breach at Twitter may pique the interest of authorities on both sides of the Atlantic. Twitter is being watched for compliance with European data protection laws and a U.S. consent order by the Data Protection Commission in Ireland, where the company’s European headquarters are located, and by the Federal Trade Commission in the United States.
On Thursday, neither of the two regulators responded immediately to messages left with them.
