Twitter’s January Data Leak Left 200 Million Users Exposed

    Twitter’s January Data Leak Left 200 Million Users Exposed

    The last year has been tough for social media giant Twitter, with volatility in the markets, new user rules, a proliferation of scams, and of course, data leaks. In fact, Twitter also started January with this year’s first major data leak, in which a gigantic 200 million user email addresses were stolen and disseminated for free on hacker forums.

    Twitter’s January Data Leak

    On January 5th, researchers reported that a huge data leak had occurred, with 235,000,000 records of Twitter users and their email addresses being published on the “Breached” hacker forum. The data was contained in a RAR file and consisted of 59GB of data.

    The hack used an existing Twitter API vulnerability to access email addresses and phone numbers; public data was then scraped to match these addresses/numbers to user accounts, enabling the hackers to create the Twitter profiles.

    Twitter Data Leak Jan 2023_Bleeping Computer
    Source: Bleeping Computer

    Noted security expert and founder of Hudson Rock, Alon Gal, stated: “This is one of the most significant leaks I’ve seen … [It] will unfortunately lead to a lot of hacking, targeted phishing, and doxxing.”

    As investigations are ongoing, the controversy continues. While Twitter claims the leak was not due to a vulnerability in its systems, others disagree. At present, a large lawsuit is currently ongoing in California, with the legal challenge stating:

    “At no point does Twitter disclose in their Privacy Policy that they allow cybercriminals to commandeer Twitter’s API in order to scrape sensitive PII from Twitter and to then weaponize or sell that information on the dark web … [Twitter] buried its head in the sand.”

    Was My Email Leaked and What Can I Do?

    In a world of constant data leaks and breaches, the best thing you can do is a) have reliable cybersecurity protection, and b) ensure you will find out ASAP in the event of being affected. We would encourage readers to head over to our new FREE ID Protection platform (AKA “idpanda”), which has been specifically designed to meet these challenges.

    Trend Micro Free ID Protection_ID Panda

    With Identity Protection, you can:

    1. Check to see if your data (email, number, password, social media) has been exposed in a leak,
    2. Secure your social media accounts with our Social Media Account Monitoring tool, with which you’ll receive a personal report,
    3. Receive the strongest tough-to-hack password suggestions from our advanced AI.
    Trend Micro Free ID Protection_ID Panda_Email Check.jpg

    All this for free — give it a go today. As always, we hope this article has been an interesting and/or useful read. If so, please do SHARE it with family and friends to help keep the online community secure and informed — and consider leaving a like or comment below. Here’s to a secure 2023!

    Post a comment

    Your email address won't be shown publicly.


    • By Jason Hunter | March 2, 2023
    This website uses cookies for website functionality, traffic analytics, personalization, social media functionality and advertising. Our Cookie Notice provides more information and explains how to amend your cookie settings.