A database containing information from 235 million Twitter users has become available online via a hacker forum. This is the second major hack-leak of user information Twitter has endured in the space of a month.
This time, the dataset includes 63GB of data. Cybernews reports the set includes email addresses, names, follower counts, Twitter hands, and account creation information. Unlike the last – admittedly more dangerous leak – this new set is completely open, available for free, and viewable by anybody.
The Washington Post suggests the information was likely taken from Twitter via a vulnerability on the micro-blogging site. Specifically, a flaw that allows people to access the phone number and email and match it to find the Twitter account.
Twitter confirmed the vulnerability in August last year, but learned of the flaw in January the same year. It was disclosed through the company's bounty program. Hackers were able to use the vulnerability to sell Twitter handles and account info.
It seems this new dataset leak comes from that.
Previous Hack
Late last month, information from 400 million Twitter users leaked online due to a programming interface bug.
A programming interface vulnerability in Twitter seemingly allowed a hacker to scrape account data from 400 million accounts on the micro-blogging site. That hacker or group of hackers is now selling the information on BreachForums.
Alongside offering the dataset to the highest bidder, the hacker also said Elon Musk and Twitter could buy the information. He says allowing the data to be stolen in the first place goes against the European Union's General Data Protection Regulation (GDPR) law. If Musk/Twitter buy the data, it “will prevent a lot of celebrities and politicians from phishing, crypto scams, sim swapping, doxing and other things that will make your users lose trust in you as a company.
Tip of the day: The Windows Sandbox gives Windows 10/11 Pro and Enterprise users a safe space to run suspicious apps without risk. In out tutorial we show you how to enable the Windows Sandbox feature.
