On Wednesday, Twitter Inc stated that there was no evidence that data recently sold online was obtained by exploiting a vulnerability in the company’s systems. It stated that the data of 5.4 million accounts had been compromised due to a bug discovered early last year and fixed and disclosed over the summer.
Twitter stated in a blog post seen by Reuters that approximately 600 million pieces of user data could not be correlated with the previously reported incident, nor with any new incident.
“There is no evidence that the data being sold online was obtained by exploiting a Twitter system vulnerability. The data is most likely a compilation of data that is already publicly available online from various sources “It stated.
According to Reuters, the social media company informed users in August that a system vulnerability revealed users’ Twitter accounts by submitting their email address or phone number, after the company learned about it months earlier through a bug bounty program.
According to media reports in December, someone could gain access to over 400 million Twitter-associated user emails and phone numbers, and that the data was exposed via the same vulnerability discovered in January 2022.
According to a security researcher, hackers stole the email addresses of over 200 million Twitter users and posted them on an online hacking forum.
There were no hints about the identity or location of the hacker or hackers responsible for the breach. It could have happened as early as 2021, before Elon Musk took over ownership of the company last year.