Hackers have reportedly stolen the email addresses of around 200 million Twitter users and posted them to an online hacking forum, according to a security researcher. It’s a huge breach for the social media site, who boast just shy of 450 million active users.
Alon Gal, co-founder of Israeli cybersecurity monitoring firm Hudson Rock said the security breach “will unfortunately lead to a lot of hacking, targeted phishing and doxxing”. He also labelled it “one of the most significant leaks I’ve seen”.
Gal first posted about the breach on Christmas Eve last year. According to The Guardian, Twitter has not responded to inquiries about the breach since that date and it remains unclear if any action has been taken in response.
Currently, there are no clues as to the identity of the hacker or the group behind the attack. It has been suggested the breach could have happened as early as 2021, before Elon Musk’s purchase of the site.
The creator of the breach notification site ‘Have I Been Pwned’, Troy Hunt, reviewed the leaked data on Twitter and said that it seemed “pretty much what it’s been described as”.
Claims regarding the size and scope of the breach have significantly varied. Early accounts claimed that up to 400 million email addresses and phone numbers were stolen. It’s a worrying statistic for Twitter, which has seen a 40 percent increase in audience since 2018.
The data protection commission in Ireland and the US Federal Trade Commission have reportedly been monitoring Twitter ‘for compliance with European data protection rules and a US consent order respectively’, and a major breach could be of huge interest to them.