LONDON: Hackers stole the email addresses of more than 200 million Twitter users and posted them on an online hacking forum, a security researcher said on Wednesday.
Alon Gal, co-founder of Israeli cybersecurity monitoring firm Hudson’s Rock, wrote on LinkedIn that the breach would “unfortunately lead to a lot of hacking, target phishing and doxing.” He called it “one of the most important leaks I’ve ever seen.”
Twitter has not commented on the report, which Gale first posted on social media on Dec. 24, nor has it responded to inquiries about the breach since that date. It was unclear what action, if any, Twitter has taken to investigate or remedy the matter.
JEE News could not independently verify that the data on the forum was authentic and came from Twitter. Screenshots of the hacker forum, where the data was published on Wednesday, have circulated online.
Troy Hunt, creator of the breach-reporting site Have I Been Pwned, saw the leaked data and said on Twitter that it appeared to be “pretty much what was described.”
There was no indication of the identity or location of the hacker or hackers behind the breach. That could happen as early as 2021, which is before Elon Musk took ownership of the company last year.
Claims about the size and scope of the breach initially varied, with initial accounts in December saying 400 million email addresses and phone numbers had been stolen.
A major breach at Twitter could interest regulators on both sides of the Atlantic. The Data Protection Commission in Ireland, where Twitter has its European headquarters, and the US Federal Trade Commission are monitoring the Elon Musk-owned company for compliance with European data protection laws and a US consent order, respectively.
Messages left with the two regulators Thursday were not immediately returned.
