Data of 235 million Twitter users leaked online

A database containing email addresses of 235,000,000 Twitter users has been offered on a popular hacker forum.

A data leak containing email addresses for 235 million Twitter users has been published on a popular hacker forum. Many experts have immediately analyzed it and confirmed the authenticity of many of the entries in the huge leaked archive.

At the end of July, a threat actor leaked data of 5.4 million Twitter accounts that were obtained by exploiting a now-fixed vulnerability in the popular social media platform.

In January, a report published on Hacker claimed the discovery of a vulnerability that can be exploited by an attacker to find a Twitter account by the associated phone number/email, even if the user has opted to prevent this in the privacy options.

The vulnerability was exploited by multiple threat actors to scrape Twitter user profiles containing both private (phone numbers and email addresses) and public data. Then the scraped data were offered on various online cybercrime marketplaces.

In August, Twitter confirmed that the data breach was caused by the now-patched zero-day flaw submitted by the researcher zhirinovskiy via bug bounty platform HackerOne and that he received a $5,040 bounty.

In November, data from 5.4M Twitter users obtained from multiple threat actors and combined with data from other breaches were available online.

In December another Twitter data leak made the headlines, a threat actor obtained data of 400,000,000 Twitter users and attempted to sell it.

The seller claimed the database is private, he provided a sample of 1,000 accounts as proof of claims which included the private information of prominent users such as Donald Trump JR, Brian Krebs, and many more. The seller, who is a member of a popular data breach forum, claimed the data was scraped via a vulnerability. The database includes emails and phone numbers of celebrities, politicians, companies, normal users, and a lot of OG and special usernames.

Now, a threat actor published an archive containing the data of 235,000,000 users on Breach Forums that can be downloaded for eight credits.

The database is a cleaned version of the one published in December.

BleepingComputer reported that unlike previously leaked data collected using this Twitter API flaw, this data leak does not indicate whether an account is verified.

Experts warn that the leaked data can be used by threat actors to target the users of the platforms.

“Hackers will use the new leaked database in order to :
1. Target Crypto Twitter accounts (.eth in name or other methods)
2. Hack into high profile accounts (follower count or otherwise)
3. Hack into “OG” accounts with good usernames
4. Hack into political accounts
5. Doxx “anonymous” accounts that didn’t use a dedicated email for Twitter

It goes without saying that agencies around the world will use this database as well to further harm our privacy.” reported Alon Gal, founder of Hudson Rock.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, data leak)

[adrotate banner=”5″]

[adrotate banner=”13″]