Hackers stole the email addresses of more than 200 million Twitter users and made them public on an online hacking forum, security researchers said Wednesday.
Alon Gal, co-founder of Israeli cybersecurity monitoring firm Hudson Rock, wrote on LinkedIn that the breach “will unfortunately lead to many hacks, targeted phishing and doxxing.” He called it “one of the most significant leaks I’ve seen.”
Twitter did not comment on the report Gal first posted on social media on Dec. 24, nor has he responded to inquiries regarding the violation since that date. It was not clear what action was taken.
Reuters was unable to independently verify that the forum data is genuine and comes from Twitter. Screenshots of hacker forums showing data on Wednesday circulated around the internet.
Troy Hunt, creator of the Have I Been Pwned Security Breach Notification page, saw the leaked data and “looked pretty much as described,” he said on Twitter.
There were no clues as to the identity or whereabouts of the hacker or the hacker behind the breach, which could have happened as early as 2021, before Elon Musk took ownership of the company last year.
Initial claims about the size and scope of the breach varied, but early reports in December said 400 million email addresses and phone numbers of his had been stolen. A serious breach on Twitter could attract the attention of regulators on both sides of the Atlantic. The Irish Data Protection Commission, where Twitter has its European headquarters, and the U.S. Federal Trade Commission monitor whether companies owned by Elon Musk comply with European data protection regulations and U.S. consent orders, respectively. increase.
Messages left for the two regulators were not immediately returned on Thursday.