There are no clues as to the identity or location of the hacker or the hacker who may have breached Twitter as early as 2021.
Hackers have stolen the email addresses of more than 200 million Twitter users and posted them on an online hacking forum, a security researcher says.
Alon Gal, co-founder of Israeli cybersecurity monitoring company Hudson Rock, wrote on LinkedIn on Wednesday that the breach “will unfortunately lead to a lot of hacking, targeted phishing and doxxing.” He called it “one of the most important leaks I’ve ever seen.”
Twitter has not commented on the report Gal first posted on social media on December 24, nor has it responded to questions about the breach since that date. It’s not clear what action Twitter took to investigate or fix the issue.
Reuters news agency could not independently verify that the data on the forum was authentic and came from Twitter. Screenshots of the hacker forum, where the data appeared on Wednesday, has gone viral online.
Troy Hunt, the creator of the breach notice page Have I Been Pwned, saw the leaked data and said on Twitter that it appeared “quite similar to what it was described.”
There are no clues as to the identity or location of the hacker or the hackers behind the breach. It could have taken place as early as 2021, before Elon Musk Takes Ownership company last year.
Claims about the size and scope of the initial breach varied with the first accounts in December, which said 400 million email addresses and phone numbers were stolen.
A serious breach at Twitter could concern regulators on both sides of the Atlantic. The Data Protection Commission in Ireland, where Twitter has its headquarters in Europe, and the US Federal Trade Commission have been monitoring the Musk-owned company for compliance with European data protection rules and approval order of the respective United States.
Messages left with the two regulators were not immediately returned on Thursday.