The platform, which has been criticized for its recent decisions, is on the agenda with the Twitter email leak this time. Users who do not know how to react to the decisions taken by CEO Elon Musk are more than right to be angry because this time Twitter leaked their e-mail addresses.
A data leak described as containing email addresses for over 200 million Twitter users has been published on a popular hacker forum for about $2. We have confirmed the validity of many of the email addresses listed in the leak.
Since July 22nd, 2022, threat actors and data breach collectors have been selling and circulating large data sets of scraped Twitter user profiles containing both private (phone numbers and email addresses) and public data on various online hacker forums and cybercrime marketplaces.
These data sets were created in 2021 by exploiting a Twitter API vulnerability that allowed users to input email addresses and phone numbers to confirm whether they were associated with a Twitter ID. Twitter previously published a blog post to protect your information from such attacks.
How did the Twitter email leak happen?
On a well-known hacker site, a data dump allegedly containing the email addresses of over 200 million Twitter users was sold for roughly $2. A large number of the email addresses included in the breach have been verified as being legitimate.
Threat actors and data breach hunters have been selling and disseminating sizable data sets of scraped Twitter user profiles since July 22nd, 2022, encompassing both private (such as phone numbers and email addresses) and public data.
These data sets were produced in 2021 by taking use of a flaw in the Twitter API that let users enter email addresses and phone numbers to check whether they were linked to a Twitter ID.
Twitter email leak contains 200 million lines of information
A data dump purportedly comprising the email addresses of more than 200 million Twitter users was allegedly sold for about $2 on a well-known hacker website. Many of the email addresses exposed in the incident have been confirmed to be real.
Since July 22nd, 2022, threat actors and data breach hunters have sold and distributed massive data sets of scraped Twitter user accounts, including both private and public data such as phone numbers and email addresses.
By exploiting a weakness in the Twitter API that allowed users to enter email addresses and phone numbers to see if they were connected to a Twitter ID in 2021, these data sets were created.
Twitter email leak was published with a 59GB of a RAR file
On the Breached hacking forum today, a threat actor sold a data trove containing 200 million Twitter profiles for eight credits, which is roughly equal to $2. The material was made available in a RAR bundle with six text files totaling 59 GB in size. This data set reportedly corresponds to the 400 million-line set that was in circulation in November but has been cleaned up to remove duplicates, bringing the total down to about 221,608,279 lines.
A Twitter user’s information, such as email addresses, names, screen names, follower counts, and account creation dates, is represented by each line in the files. Today’s disclosure does not include information on whether an account is verified, in contrast to earlier leaks of data gathered via this Twitter API issue. Not every account is affected by the Twitter email leak.
Since many people were not included in the leak, the data set is far from complete. Your information may or may not be in this data set, depending on whether or not your email address was revealed in prior data breaches.
Threat actors compiled enormous lists of email addresses and phone numbers that had previously been compromised in data breaches in 2021. The API bug was then fed these lists by the scrapers to determine whether your phone number or email address had a corresponding Twitter ID.
Your email address wouldn’t have been added to this data collection if it was solely used by Twitter or if it wasn’t frequently compromised.
Are you in danger of the Twitter email leak?
Even though this data leak just includes email addresses, threat actors may exploit it to launch phishing attacks on accounts, particularly verified ones. Large followings from verified accounts are highly prized because they are frequently utilized in internet scams to steal cryptocurrency.
Additionally, this disclosure raises serious privacy concerns, particularly for anonymous Twitter users. It might be feasible to identify anonymous Twitter users using this leak and reveal their real identities.
Targeted phishing scams aim to steal your passwords or other sensitive information, so all Twitter users should be on the watch for these. It isn’t much you can do, sadly, if you’re worried that a leaked email address could identify your identity.
Although we cannot share the link of the platform where the Twitter email leak took place, we would like to remind you that if you want to check whether your information has been leaked or not, the Twitter email leak is shared publicly on the internet. There are serious question marks about the security of your information on the Twitter platform, which came to the fore with a data breach in 2022.