Twitter hack exposes 200 million email addresses

Twitter hack exposes 200 million email addressesThe usernames and email addresses for more than 200 million Twitter users have been posted on the dark web by hackers.

Hackers have recently posted the usernames and email addresses of these users on the dark web, compiled from previous breaches dating back to 2021. While the database doesn’t include passwords, it’s still considered a major security threat for those affected. Alon Gal, co-founder of Israeli cybersecurity firm Hudson Rock, warns that this leak will likely lead to a surge in hacking, targeted phishing, and doxxing.

Because there may be duplicate records in such massive data dumps, it is difficult to estimate how many users were affected by the attack. However, the database also contains text files that show email addresses, associated Twitter usernames, people’ true names (if they published them on the site), follower totals, and the dates on which their accounts were first created. Also noteworthy is the fact that this data was being offered for sale on a hacker forum for as little as $2.

The origin of the database can be tracked back to 2021, when hackers identified a weakness in Twitter’s security measures. By mass-entering email addresses and phone numbers to check whether they were associated with Twitter accounts, this vulnerability allowed hostile actors to automate account lookups. After it was reported as a bug bounty, Twitter acknowledged the vulnerability in August 2022 and said it had been addressed in January of the following year. However, security professionals had already discovered Twitter credential databases being sold in July of that year. This weakness, which remained unnoticed by Twitter for about seven months, appears to have been the source of the most recent database, which had more than 200 million accounts.

This incident is merely the most recent in a string of security problems that have dogged Twitter. The EU and the FTC are currently looking into the corporation for similar security breaches as a result of its longstanding struggles to safeguard the data of its customers. Peiter “Mudge” Zatko, Twitter’s former chief of security, even complained to the US government last August, saying the firm was hiding “egregious failures” in its cybersecurity protections.

All social media users should be aware of the dangers and take precautions to safeguard their personal information online. Take the following steps today:

 

Leave a Reply