Toni Dimaano Tech 01.04.2023 22:Jan PM EST

Twitter Data Leak Results In Over 200 Million Users' Emails Compromised

Twitter users are at serious security risk as a result of malicious hackers disclosing 63GB of data that linked the identities and email addresses of the platforms' users.

The information breach allegedly containing the email addresses of over 200 million Twitter users was sold for roughly $2 on a well-known hacker forum, Bleeping Computer writes.

The Alleged Leak Is From A One-Year Old Breach

Large data sets of scraped Twitter user accounts have been sold and distributed since July 2022 by hackers and data breach collectors.

This information includes both private data such as phone numbers and email addresses, and publicly available information from numerous online hacker forums and black markets for cybercrime.

These data sets were produced in 2021 by using a flaw in the Twitter API that let users enter email addresses and phone numbers to check whether they were linked to a Twitter ID.\

Using a different API, the hackers then scraped the public Twitter data for the ID and paired it with private email addresses and phone numbers to generate Twitter user accounts.

Despite the fact that Twitter patched this vulnerability in January 2022, a number of cyberhackers have recently started to distribute the data sets they obtained over a year ago for free.

According to Bleeping Computer, the first 5.4 million user data collection was offered for sale in July for $30,000 and eventually made available for free in November 2022.

With that, a second data collection that purportedly included information on 17 million people circulated in private.

The Event Follows A December Incident Involving The Selling Of Over 400 Million Users' Data

It can be remembered that more recently, a hacker also allegedly started selling a data dump with 400 million Twitter profiles that were gathered exploiting this vulnerability.

The same kinds of data were included in the dataset that was made public in December, including Twitter handles, usernames, email addresses, and phone numbers.

As per a report by Cyber News, hackers created a comprehensive database using the earlier leak, deleted duplicates, and produced a more precise but smaller database as a result.

Security professionals believe that consumers are less likely to be shocked by the Twitter hack because they are accustomed to having their data leaked frequently.

Despite this, data protection watchdogs like the Ireland's Data Protection Commission say that they will keep a close eye on Elon Musk's company.

It can be remembered that aside from the Twitter breach, millions of user's data were exposed on Facebook, Linkedin, and other platforms as recently as a few weeks ago.

Because of this, the parent company of Facebook, Meta, was fined $277 million by Ireland's data protection authorities for disclosing the personal information of millions of users.

It is also important to note that European regulators have previously penalized Twitter for disclosing the personal information of 5.4 million users in July, Cyber News reports.

With the series of hacking that has been happening lately, Twitter users should be vigilant for targeted phishing attacks that aim to steal their passwords or other personal information.