On Wednesday, a security researcher revealed that cybercriminals had stolen the email addresses of over 200 million Twitter accounts and published those on an online hacking website.
The incident “will regrettably result in a significant amount of phishing, targeted spamming, and doxxing,” Alon Gal, co-founder of Israeli cybersecurity-monitoring company Hudson Rock, said on LinkedIn. One of the “most serious leaks I’ve seen,” in his opinion. Gal originally shared the story on social media on December 24; since then, Twitter has not reacted or replied to questions regarding the hack. It was unclear what, if any, steps Twitter had taken to explore or fix the problem.
Reuters was unable to confirm the validity of the information presented on the forum by conducting its own investigation. Online, you may see pictures of the hacker website where the information was posted on Wednesday. As the founder of the breach-notification website Have I Been Pwned, Troy Hunt reviewed the exposed information and tweeted that it appeared to be “very much what it’s been characterized as.”
No information was available that might point to who was responsible for the breach or where they were located. Potentially as early as 2021, well before Elon Musk became CEO of the business last year.
There were conflicting reports in early December about how extensive the hack really was, with some claiming that 400 million email addresses, as well as contact information, were compromised. If Twitter suffers a significant breach, authorities on both ends of the Atlantic could take notice. Twitter’s European headquarters are in Ireland. Therefore, the country’s Data Privacy Commission and the Federal Trade Commission (FTC) have been keeping an eye on Elon Musk’s firm to make sure it’s following European data protection standards and an FTC consent order.