Hackers stole the email addresses of more than 200 million Twitter users and posted them on an online hacking forum, a security researcher said Wednesday.
The breach “will unfortunately lead to a lot of hacking, targeted phishing and doxxing,” Alon Gal, co-founder of Israeli cybersecurity monitoring firm Hudson Rock, wrote on LinkedIn. He called it “one of the most significant leaks I’ve ever seen.”
Twitter has not commented on the report, which Gall first posted on social media on Dec. 24, nor has it responded to inquiries about the breach since that date. It was unclear what action, if any, Twitter has taken to investigate or fix the issue.
Reuters could not independently verify that the data in the forum was authentic and came from Twitter. Screenshots from the hacking forum where the data appeared on Wednesday are being circulated online.
Troy Hunt, creator of whistleblower site Have I Been Pwned, saw the leaked data and said on Twitter that it looked “pretty much what it’s described as.”
There were no clues as to the identity or location of the hacker or hackers behind the breach. It could have happened as early as 2021, which was before Elon Musk took ownership of the company last year.
Claims about the size and scope of the breach initially varied, with early accounts in December saying 400 million email addresses and phone numbers had been stolen.
A major Twitter breach could interest regulators on both sides of the Atlantic. The data protection commission in Ireland, where Twitter has its European headquarters, and the US Federal Trade Commission have been monitoring the Elon Musk-owned company for compliance with European data protection rules and a US consent order, respectively.
Messages left with the two regulators were not immediately returned Thursday.
#Hackers #reportedly #leak #email #addresses #million #Twitter #users #Twitter