Data Breach

Twitter Data Breach

5.4M records exposed • January 2022

Hackers found a bug in Twitter that let them figure out which email addresses and phone numbers belonged to which Twitter accounts. They used this to build a database of 5.4 million users.

What Happened

A vulnerability in Twitter's API allowed attackers to link email addresses and phone numbers to Twitter accounts. The data of 5.4 million users was later sold online.

Attack method: API vulnerability exploitation

What Data Was Exposed

Email addresses, Phone numbers, Twitter IDs, Public profile data

Is your business exposed?

What to Do If You're Affected

1.
Check if you are affected at haveibeenpwned.com
2.
Remove phone number from Twitter
3.
Be cautious of targeted phishing

Lessons for Businesses

• APIs need rate limiting and abuse detection
• Bug bounty programs help find vulnerabilities
• Linking personal data to accounts creates risk

Sources

https://twitter.com/TwitterSupport/status/1549803528483405829

Related Breaches

Facebook 2019, Linkedin

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required