A security researcher reported on Wednesday that hackers obtained the email addresses of more than 200 million Twitter users and put them on an online hacking forum.
The incident “will regrettably result in a lot of hacking, targeted phishing, and doxxing,” commented Alon Gal, co-founder of the Israeli cybersecurity-monitoring firm Hudson Rock, on LinkedIn. He said, “One of the biggest dumps I’ve ever seen.”
On December 24, Gal posted about the report on social media for the first time. Since then, neither Twitter nor inquiries about the breach have gotten any responses. It’s unclear what, if anything, Twitter has done to investigate or resolve the issue.
Screenshots of the hacker forum where the material originally appeared online on Wednesday have been circulated among online users.
Troy Hunt, the creator of the breach reporting website Have I Been Pwned, stated on Twitter after analysing the exposed data that it appeared to be “pretty much what it’s been described as.”
The hacker or hackers that carried out the intrusion were unknown in terms of identity or location. That might have occurred in 2021, prior to Elon Musk taking over the company last year.
Initial reports on the size and scope of the breach were contradictory, with some stating as early as December that 400 million email addresses and phone numbers had been compromised.
