A database with more than 200 million email addresses users of Twitter there was a leak in the past few hours. As indicated by BleepingComputerThe leaked list on a hacker forum also includes usernames and real names, dates the profiles were created, and the number of people following them. Fortunately, account passwords were not affected. But still, the event poses a serious security risk to those involved.
It is useful to specify that information which has been disclosed does not match a recent hack. Researchers were able to trace the source of the leak to 2021, when malicious actors were able to exploit a vulnerability in Twitter’s API. Using this, they were able to mass-enter phone numbers and email addresses to check if they were associated with social network accounts. And there is a bug with another API, they extract the details of the profiles in question.
Twitter removed the security flaw in January 2022, but this was not stated publicly until August. Over the next few months, several batches of user data began to appear on the web. However, it wasn’t until last November, when a hacker claimed to have a database of 400 million accounts created on the platform, that the case gained notoriety.
According to the analysis conducted by BleepingComputerThe 200 million email address list is the same as it was at the end of last year, except that the 200 million email address list is the same as it was at the end of last year. The difference is that was purged to remove duplicate data.. However, the list was shown to still contain duplicate information.
Is my email address part of the Twitter leak?
Experts who analyzed the case came to the conclusion that everything depends on whether the email address you use on Twitter was previously leaked. If your email address is obtained by scrapers from other websites, it must have ended up in the leaked database.
Fortunately, there is a way to check if your email is part of this Twitter leak. Troy Hunt, the creator of the website Am I fooled?has added over 200 million email addresses to its popular platform. By entering yours, you can find out if it is indeed in the hands of hackers.. But you’ll also be notified of any past releases where your email address has been involved.
In fact, Hunt himself said on Twitter that 98% of emails in the database are filtered multiple times.
There are no revelations here, IMHO, just confirmation that once the data is out, it is recirculated and reused over and over again. These addresses only show up in Twitter’s extracted data because they’ve already been compromised elsewhere, and the cycle continues…- Troy Hunt (@troyhunt) January 6, 2023
As for what to do if your email address is part of the Twitter leak, you have a few options. The first and most logical is to change the email address associated with your social network account. You can do this from Settings & Privacy > Your account > Account Information > E-mail. You can update your address there by editing it.
If you prefer a more drastic solution to deal with the leak, you can create a new email account and a new Twitter profile.. Although it also depends on how willing you are to lose your existing followers, which is also related to how many followers you have. Whichever option you choose, remember to use a strong password and enable two-step verification or two-factor authentication.
Also important is pay attention to the emails you receive in your inbox.. The data included in the Twitter leak could be used in scam, phishing or doxing attempts.