Twitter has denied that it was hacked and that the data being sold online came from its systems. Last week, Alon Gal, co-founder of Israeli cybersecurity-monitoring firm Hudson Rock, reported on LinkedIn that he had discovered a data leak containing the email addresses of over 200 million Twitter users. Gal, who deemed it a ‘significant leak’, stated that the data had been posted on a hacking forum and that the breach could lead to “hacking, targeted phishing, and doxxing”. He also said that Twitter had not responded to him when he alerted the company about the incident.
Twitter has now issued a response regarding the alleged data leak: “In response to recent media reports of Twitter users’ data being sold online, we conducted a thorough investigation and there is no evidence that recently sold data was obtained by exploiting a vulnerability of Twitter systems.”
In a new post on LinkedIn, Alon Gal of Hudson Rock has disputed Twitter’s statement that the data being sold online is not from its platform. Gal stated, “The authenticity of the leak is evident in the lack of false positives between Twitter usernames and emails found in the database, unlike in cases of data enrichment.” He insists that the data is legitimate and came from a Twitter hack.
In the past, Twitter had reported a data breach in which the information of 5.4 million accounts was compromised due to a bug that has since been fixed. In January 2022, the company was notified of a vulnerability in its systems that allowed for the automatic identification of email addresses or phone numbers linked to an associated account.
In July 2022, Twitter discovered that hackers had taken advantage of the previously reported vulnerability and scraped the personal information of users, including phone numbers, and were selling it online. The company informed the affected users. In its recent statement, Twitter confirmed that the data of 5.4 million accounts were impacted by the earlier bug and that the issue had been resolved. The company also stated that the newly surfaced dataset of 200 million users could not be linked to the previous incident or any data obtained through exploiting Twitter’s systems.
In December 2022, reports surfaced claiming that a massive dataset containing 400 million email addresses and phone numbers had been stolen from Twitter, which the company denied. The company stated that it has found no evidence to suggest that there has been a new data breach on its platform and that it was continuing to investigate the matter and take appropriate actions to protect its users’ data. According to Twitter, “None of the datasets analyzed contained passwords or information that could lead to passwords being compromised.”
A researcher has reported that a massive dataset containing 600 million email addresses of Twitter users has been leaked and shared on online hacker forums. The researcher, who first reported the leak on December 24th, stated that there were no indications as to the identity or location of the hacker or hackers behind the breach. Twitter has denied that the data came from its systems, stating that it has found no evidence to suggest that there has been a new data breach on its platform. The researcher is urging other security experts to examine the leaked data and determine if it is an enrichment of some sort or if it did originate from Twitter’s servers.
It is uncertain when the data was obtained. However, considering that the company has acknowledged the existence of a previous vulnerability, it is probable that the scraping occurred in 2021, prior to Elon Musk’s acquisition of the company.
Cybersecurity experts advise users to be cautious with emails or messages that claim to be from a company, particularly those that ask for passwords or other sensitive information. For instance, a common scam on social media platforms is a Direct Message sent from an account that appears to be from Twitter support. The message warns the user that their content violates some rules and asks them to enter their login details again, or else the account will be blocked. This is typically a scam, with hackers attempting to take over an account. Since Twitter is unlikely to send warnings via Direct Messages, users should ignore such messages and mark them as spam.
Users should also double-check the URL before entering login details, as this is one way to check whether the site is legitimate. The address bar should typically show a padlock symbol and the URL should start with HTTPS, which indicates that the connection to the site is encrypted. Users should also look out for spelling errors, which are common in most phishing URLs.