More than 200 million emails stolen from Twitter and leaked on a hacker forum

Over 200 million Twitter user emails stolen

Twitter has not commented on one of the most significant data leaks in history

Cybercrime intelligence firm Hudson Rock[1] confirmed on Wednesday that hackers had posted the credentials of more than 200 million Twitter accounts, including email addresses, phone numbers, and account names, onto an online hacking forum. A hacker known as “Ryushi” claimed responsibility for the cache and demanded $200,000 from Twitter in exchange for the data's deletion.

BleepingComputer has confirmed the validity of many of the email addresses listed in the leak. The data sets were initially created in 2021 by exploiting a Twitter API vulnerability[2] that allowed users to input email addresses and phone numbers to confirm whether they were associated with a Twitter ID. Twitter then issued a statement:[3]

We want to let you know about a vulnerability that allowed someone to enter a phone number or email address into the log-in flow in the attempt to learn if that information was tied to an existing Twitter account, and if so, which specific account. We take our responsibility to protect your privacy very seriously and it is unfortunate that this happened.

This flaw was fixed by Twitter in January 2022, but multiple threat actors have recently begun to leak the data sets they collected over a year ago for free. The first data set of 5.4 million users was put up for sale in July for $30,000 and ultimately released for free on November 27, 2022.[4] Another data set allegedly containing the data for 17 million users was also circulating privately in November.[5]
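The login-flow flaw described above is a textbook account-enumeration bug: the response told the caller whether an email or phone number was tied to an account, and which one. The following is an added illustration, not Twitter's code, contrasting that leaky pattern with a lookup that answers identically for known and unknown identifiers and rate-limits each client; the account table, client identifiers and limits are constructed for the example.

```python
import time
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Account:
    handle: str
    email: str
    phone: str


# Constructed sample accounts for the example; hypothetical, not real data.
USERS = [
    Account("alice_example", "alice@example.com", "+15550100001"),
    Account("bob_example", "bob@example.net", "+15550100002"),
]


def _find_account(identifier: str):
    ident = identifier.strip().lower()
    for acct in USERS:
        if ident in (acct.email.lower(), acct.phone):
            return acct
    return None


def vulnerable_lookup(identifier: str) -> dict:
    """The leaky pattern: the response reveals whether the identifier is
    tied to an account and, if so, which handle. Bulk queries of leaked
    email/phone lists turn this into the kind of data set in the article."""
    acct = _find_account(identifier)
    return {"exists": True, "handle": acct.handle} if acct else {"exists": False}


SENT_RECOVERY = []          # Stand-in for the out-of-band email/SMS channel.
_HITS = defaultdict(list)   # client_id -> timestamps of recent lookups
RATE_LIMIT, WINDOW_SEC = 5, 60


def hardened_lookup(identifier: str, client_id: str, now=None) -> dict:
    """Same status and body whether or not the identifier matches, so the
    caller learns nothing; any account-specific action goes to the account
    owner out of band. A per-client limit blunts bulk querying and gives
    defenders a 429 count to alert on."""
    now = time.time() if now is None else now
    recent = [t for t in _HITS[client_id] if now - t < WINDOW_SEC]
    _HITS[client_id] = recent + [now]
    if len(recent) >= RATE_LIMIT:
        return {"status": 429, "message": "Too many requests; try again later."}
    acct = _find_account(identifier)
    if acct:
        SENT_RECOVERY.append((acct.handle, acct.email))  # owner, not caller, is told
    return {"status": 200, "message": "If that identifier is linked to an account, "
            "we have sent recovery instructions to it."}
```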

Stolen data posted on hacker forum for $2

On January 4, 2023, a data set containing the email addresses and other personal information of about 221 million Twitter users was posted on the hacker forum site for 8 credits of the forum's currency, worth approximately $2. The data set is believed to be the same as the 400 million set that was circulated in November, but it has been cleaned up to remove duplicates.

The data was released as a RAR archive consisting of six text files. Each line represents one Twitter user and their information, which includes email addresses, names, screen names, follower counts, and account creation dates.

It is not currently clear who is responsible for posting the data on the hacker forum site. BleepingComputer contacted Twitter for comment on this data leak but has not received a response.

Have You Been Pwned?

If you are concerned that your email address may have been included in this data leak, you can check the website Have I Been Pwned (HIBP) to see if your information has been compromised. HIBP is a data breach notification service that allows users to see if their email address has been included in any previous data breaches. If your email address has been included in this data leak, there are a few steps you should take to protect yourself:

  • Change your password on any accounts that use the same email address and password as your Twitter account.
  • Enable two-factor authentication on your accounts to add an extra layer of protection.
  • Be cautious of any suspicious emails or messages that may be attempting to phish for your personal information.

If your email address has been included in this data leak, you may also suffer consequences such as spam emails and phishing campaigns. It is important to take steps to protect yourself and your information to minimize the impact of a data breach.

About the author

Ugnius Kiguolis is a professional malware analyst who is also the founder and owner of 2-Spyware. He currently serves as Editor-in-chief.