On Wednesday (January 4), a security researcher named Alon Gal informed that hackers have stolen the email IDs of over 23 crores Twitter users and made them available publicly on an online hacking forum. Alon Gal is the co-founder of an Israel-based cybersecurity firm named Hudson Rock.
In a LinkedIn post, he wrote, “The database contains 23,50,00,000 unique records of Twitter users and their email addresses and will, unfortunately, lead to a lot of hacking, targeted phishing, and doxxing. This is one of the most significant leaks I’ve seen.”
Twitter database leaks for free with 235,000,000 records.
— Hudson Rock (@RockHudsonRock) January 4, 2023
The database contains 235,000,000 unique records of Twitter users and their email addresses and will unfortunately lead to a lot of hacking, targeted phishing, and doxxing.
This is one of the most significant leaks ever. pic.twitter.com/kxRY605qMZ
In another LinkedIn post, Alon Gal warned, “Hackers will use the new leaked Twitter database in order to target Crypto Twitter accounts (.eth in name or other methods), hack into high profile accounts (follower count or otherwise), hack into “OG” accounts with good usernames…”
He added that hackers will also attempt to compromise political accounts or anonymous accounts that did not use a dedicated email for their Twitter accounts. “It goes without saying that agencies around the world will use this database as well to further harm our privacy,” he concluded.
According to the creator of ‘Hae I Been Pwned’, Troy Hunt, informed, “Firstly, the 98% “pwned before” rate clearly indicates the email addresses were taken from other data breaches then used to query the vulnerable API.”
A couple of quick pieces of commentary now then I’ll do some deeper analysis later on: Firstly, the 98% “pwned before” rate clearly indicates the email addresses were taken from other data breaches then used to query the vulnerable API. https://t.co/zW4pp0UetL
— Troy Hunt (@troyhunt) January 5, 2023
As per a news report by Bloomberg, the leaked Twitter database (dating back to 2021) has exposed the names and email addresses of politicians, bankers, and even journalists.
“The data that was leaked doesn’t contain sensitive details like credit card information, Social Security numbers, or home addresses, and so far, it appears that bad actors haven’t exploited it to cause harm,” the report claimed.
