On January 4, 2023, a massive data breach exposed the email addresses of over 200 million Twitter users. The breach was caused by a vulnerability in Twitter's API that allowed hackers to scrape data from the platform. This data could be used by malicious actors to target users with phishing attacks, spam, or other forms of online harassment.
The breach was first reported by Alon Gal, co-founder of the Israeli security company Hudson Rock. Gal found the data dump on a popular underground marketplace, where it was being sold for 10 Bitcoin (about $46,000 at the time). The data dump included the email addresses, usernames, and creation dates of over 200 million Twitter accounts. It did not appear to include passwords or other sensitive information.
Twitter confirmed the breach on January 5, 2023. The company said that it had fixed the vulnerability that was exploited and was working to notify affected users. However, it is unclear how many users were actually notified.
The breach is a major security incident for Twitter. It is the largest data breach in the company's history and one of the largest data breaches in history. The breach could have a significant impact on Twitter users, who may now be more vulnerable to phishing attacks, spam, and other forms of online harassment.
How to protect yourself in the wake of the breach
Enable two-factor authentication. Two-factor authentication adds an extra layer of security to your account by requiring you to enter a code from your phone in addition to your password when you log in.
Be careful about what information you share on Twitter. Avoid sharing personal information, such as your home address or phone number, on Twitter.
Be aware of phishing attacks. Phishing attacks are emails or messages that appear to be from a legitimate source, such as Twitter, but are actually from malicious actors. These emails or messages may contain links that, when clicked, will take you to a fake website that looks like the real Twitter website. Once you enter your login information on the fake website, the malicious actors can steal your password and access your account.
Report suspicious activity. If you see any suspicious activity on your Twitter account, such as unauthorized logins or changes to your settings, report it to Twitter immediately.
The January 4, 2023 Twitter data breach is a reminder that no online platform is completely secure. It is important to take steps to protect your privacy and security, especially on social media platforms like Twitter.
