Hackers leak email addresses of 235 million Twitter users: report

Hackers obtained the email addresses of more than 235 million Twitter users and published them on an internet forum, according to a cybersecurity expert.

The breach “will unfortunately lead to a lot of hacking, targeted phishing and doxxing,” Alon Gal, co-founder of Israeli cybersecurity-monitoring firm Hudson Rock, wrote on LinkedIn.

On his LinkedIn page, Gal — who called the breach “one of the most significant leaks I’ve seen” — posted screenshots of the hacked email addresses that he found on the dark web.

“This database is going to be used by hackers, political hacktivists and of course governments to harm our privacy even further,” Gal told The Washington Post.

Twitter has not commented on the report, which Gal first posted about on social media on Dec. 24, nor responded to inquiries about the breach since that date.

Alon Gal of the Israeli cybersecurity firm Hudson Rock posted an item on LinkedIn announcing the leak.
Alon Gal of the Israeli cybersecurity firm Hudson Rock posted an item on LinkedIn announcing the leak.
LinkedIn/Alon Gal

It was not clear what action, if any, Twitter has taken to investigate or remediate the issue.

Screenshots of the hacker forum, where the data appeared on Wednesday, have circulated online.

There were no clues to the identity or location of the hacker or hackers behind the breach. It may have taken place as early as 2021, which was before Elon Musk took over ownership of the company last year.

Claims about the size and scope of the breach initially varied with early accounts in December saying 400 million email addresses and phone numbers were stolen.

Gal also posted screenshots of the hacked email addresses that he found on the dark web.
Gal also posted screenshots of the hacked email addresses that he found on the dark web.
LinkedIn/Alon Gal
Gal said that the hack could leave people vulnerable to phishing and doxxing attacks.
Gal said that the hack could leave people vulnerable to phishing and doxxing attacks.
LinkedIn/Alon Gal

Phishing is a tactic used by cybercriminals who send emails or text messages claiming to be from reputable companies. These messages ask their targets to send them personal information, including credit card numbers, passwords, and other sensitive data.

“Doxxing” is the practice whereby internet users maliciously post the address or other sensitive information online of an individual without their consent.

The social media company has yet to comment on Gal's claims.
The social media company has yet to comment on Gal’s claims.
Anadolu Agency via Getty Images

Troy Hunt, creator of breach-notification site Have I Been Pwned, viewed the leaked data and said on Twitter that it seemed “pretty much what it’s been described as.”

A major breach at Twitter may interest regulators on both sides of the Atlantic.

The Data Protection Commission in Ireland, where Twitter has its European headquarters, and the US Federal Trade Commission have been monitoring the Elon Musk-owned company for compliance with European data protection rules and a US consent order respectively.

In November, the official Twitter account of The Baltimore Sun was hacked by cybercriminals who then sent out several vulgar messages.

With Post Wires

Content Source

Dallas Press News – Latest News:
Dallas Local News || Fort Worth Local News | Texas State News || Crime and Safety News || National news || Business News || Health News

texasstandard.news contributed to this report.

Related Articles

Back to top button