According to a security researcher, hackers stole the email addresses of over 200 million Twitter users and posted them on an online forum.
The co-founder of Israeli cybersecurity-monitoring firm Hudson Rock, Alon Gal, said the breach would “unfortunately lead to a lot of hacking, targeted phishing, and doxxing.”
On LinkedIn, he called it “one of the most significant leaks” he’d ever seen.
Twitter has not responded to inquiries about the breach or commented on the report, which Mr. Gal first shared on social media on December 24.
It is unclear what steps, if any, Twitter has taken to investigate or correct the problem.
Screenshots of the hacker forum where the data was discovered on Wednesday have gone viral.
Reuters was unable to independently confirm that the data on the forum was genuine and came from Twitter.
The size and scope of the breach were initially disputed, with early reports in December claiming 400 million email addresses and phone numbers were stolen.
Troy Hunt, creator of breach-notification site Have I Been Pwned, said on Twitter after viewing the leaked data that it seemed “pretty much what it’s been described as”.
There were no hints about the identity or location of the hacker or hackers responsible for the breach.
It could have happened as early as 2021 before Elon Musk took over the company.
Scammers are costing Australians a lot of money.
Australians lost $424.8 million to scammers between January and September of this year. However, only 13% of victims reported crimes to Scamwatch.
When someone touches an iPhone screen, it illuminates.
Learn more
A significant breach at Twitter may pique the interest of regulators on both sides of the Atlantic.
Twitter has been monitored by the Data Protection Commission in Ireland, where it has its European headquarters, and the US Federal Trade Commission for compliance with European data protection rules and a US consent order, respectively.
Messages left with the two regulators were not returned immediately.