Leaked User Data For 5.4 Million Twitter Accounts Appears Online

Data from over five million Twitter accounts have been leaked online, and even more, may have been shared privately. The data was stolen earlier this year, and at the time two parties were said to have bought the data with the intention of releasing it on the internet. So far data relating to 5.4 million accounts have been released. While this is a small fraction of the estimated 330 million active accounts on the platform, it could still represent serious risks for the users involved and there are allegedly other leaks to come which will compromise a larger section of the user base.

Twitter confirmed the leaks were authentic shortly after news of the hack broke over the summer. While user data is involved, Twitter said no passwords were compromised during the hack. The data has since been released on a hacking forum, where it can be freely downloaded and searched through.

Elon Musk has faced plenty of criticism for his actions since taking over at Twitter, and those actions have led to a number of high-profile issues, but the breach itself took place long before the billionaire bought the platform. Twitter's new owner has yet to comment on the leak, its ramifications, or how he intends to prevent similar occurrences in the future.

What has been leaked exactly?

BleepingComputer has an example of a leaked user record, and if it's accurate there may not be too much to worry about. The only piece of sensitive information visible is the email address the user has linked to the account. Beyond that, information like the user's screen name, follower count, bio, and verification status are all publicly available anyway. You can determine all of those just by viewing someone's profile. The leak is also said to include private phone numbers, which is a bit more serious than email addresses and what is essentially publicly available profile information.

Private emails and phone numbers being linked to Twitter accounts could be very bad news for certain users, like high-profile whistleblowers who could be penalized by the companies they have acted against. There are also other reasons people opt to remain anonymous. Domestic violence survivors and people who have been troubled by stalkers could now have their private social media profiles linked to them — giving their abusers another way to contact them. 

There could be an even bigger data dump the hackers have compiled, which includes "entire countries" worth of information and over a million phone numbers attached to users in France. Other affected nations include several other countries in Europe, the United States, and Israel. The second breach could include information from up to 17 million people, though this has yet to be verified.