  • 200 million Twitter users' email addresses allegedly leaked online

    alf9872000

    • 504 views
    • 4 minutes

    A data leak described as containing email addresses for over 200 million Twitter users has been published on a popular hacker forum for about $2. BleepingComputer has confirmed the validity of many of the email addresses listed in the leak.

     

    Since July 22nd, 2022, threat actors and data breach collectors have been selling and circulating large data sets of scraped Twitter user profiles containing both private (phone numbers and email addresses) and public data on various online hacker forums and cybercrime marketplaces.

     

    These data sets were created in 2021 by exploiting a Twitter API vulnerability that allowed users to input email addresses and phone numbers to confirm whether they were associated with a Twitter ID.

     

    The threat actors then used another API to scrape the public Twitter data for the ID and combined this public data with private email addresses/phone numbers to create profiles of Twitter users.

     

    Though Twitter fixed this flaw in January 2022, multiple threat actors have recently begun to leak the data sets they collected over a year ago for free.

     

    The first data set of 5.4 million users was put up for sale in July for $30,000 and ultimately released for free on November 27th, 2022. Another data set allegedly containing the data for 17 million users was also circulating privately in November.

     

    More recently, a threat actor began selling a data set that they claimed contained 400 million Twitter profiles collected using this vulnerability.

    200 million lines of Twitter profiles released for free

    Today, a threat actor released a data set consisting of 200 million Twitter profiles on the Breached hacking forum for eight credits of the forum's currency, worth approximately $2.

     

    This data set is allegedly the same as the 400 million set circulating in November but cleaned up to not contain duplicates, reducing the total to around 221,608,279 lines. However, BleepingComputer's tests have also confirmed duplicates in this latest leaked data.

     


    The initial sale of Facebook data in June 2020
    Source: BleepingComputer

     

    The data was released as a RAR archive consisting of six text files for a combined size of 59 GB of data.

     


    RAR archive containing leaked Twitter data
    Source: BleepingComputer

     

    Each line in the files represents a Twitter user and their data, which includes email addresses, names, screen names, follow counts, and account creation dates, as shown below.

     


    Sample of leaked Twitter data
    Source: BleepingComputer

     

    Unlike previously leaked data collected using this Twitter API flaw, today's leak does not indicate whether an account is verified.

     

    While BleepingComputer has been able to confirm that the email addresses are correct for many of the listed Twitter profiles, the full data set has obviously not been confirmed.

     

    Furthermore, the data set is far from complete, as there were many users who were not found in the leak.

     

    Whether your information is in this data set depends heavily on whether your email address was exposed in previous data breaches.

     

    In 2021, the threat actors created massive lists of email addresses and phone numbers that were exposed in previous data breaches.

     

    The scrapers then fed these lists into the API bug to see whether your phone number or email address was associated with a Twitter ID.

     

    If your email address is only used at Twitter or was not in many data breaches, it would not have been fed into the API bug and added to this data set.
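A defender-side sketch of how the list-feeding pattern described above shows up in lookup logs, added here as an example and not taken from the article or from Twitter: it flags clients by the number of distinct email addresses or phone numbers they query within a time window rather than by raw request count. The log layout, client names and thresholds are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque

# Constructed sample records: (epoch_seconds, client, identifier, matched).
SAMPLE_LOG = (
    # One client walking a list: 200 different addresses in under 7 minutes.
    [(1000 + 2 * i, "app-7f3", f"user{i}@example.com", i % 4 == 0) for i in range(200)]
    # One client repeating the same three lookups: many requests, few identifiers.
    + [(1000 + 5 * i, "app-11c", f"Friend{i % 3}@example.com", True) for i in range(300)]
    # One client making an occasional lookup every ten minutes.
    + [(1000 + 600 * i, "app-2d9", f"+1555010{i:04d}", False) for i in range(30)]
)

def flag_enumeration(records, window_s=3600, max_distinct=20):
    """Flag clients that query more than max_distinct different identifiers
    inside any sliding window of window_s seconds."""
    recent = defaultdict(deque)                        # client -> (ts, identifier)
    in_window = defaultdict(lambda: defaultdict(int))  # client -> identifier -> count
    confirmed = defaultdict(set)                       # client -> identifiers that matched
    peak = defaultdict(int)
    for ts, client, identifier, matched in sorted(records):
        ident = identifier.strip().lower()             # normalise case and whitespace
        queue, counts = recent[client], in_window[client]
        queue.append((ts, ident))
        counts[ident] += 1
        while queue[0][0] <= ts - window_s:            # expire entries outside the window
            _, old = queue.popleft()
            counts[old] -= 1
            if counts[old] == 0:
                del counts[old]
        peak[client] = max(peak[client], len(counts))
        if matched:
            confirmed[client].add(ident)
    return {
        client: {"peak_distinct": p, "confirmed_matches": len(confirmed[client])}
        for client, p in peak.items() if p > max_distinct
    }

if __name__ == "__main__":
    for client, stats in flag_enumeration(SAMPLE_LOG).items():
        print(client, stats)
```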

     

    BleepingComputer has contacted Twitter regarding this leaked data but has not received a response to this or our previous emails.

    What should you do?

    Even though this data leak only contains email addresses, it could be used by threat actors to conduct phishing attacks against accounts, especially verified ones.

     

    Verified accounts with large followings are highly valued as they are often used to steal cryptocurrency through online scams.

     

    This leak is also a significant privacy concern, especially for Twitter users who tweet anonymously. With this leak, it may be possible to identify anonymous Twitter users and expose their real identities.

     

    All Twitter users should be on the lookout for targeted phishing scams that attempt to steal your passwords or other sensitive information.

     

    Unfortunately, if you are concerned about your identity being revealed by a leaked email address, there is not much you can do.

     

    Source

