Twitter Comes Under Cyber Attack, More than 200 Million User Email Addresses Stolen

Written by: Arjita Gupta

Edited by: Krutarth

Last Updated: January 06, 2023

Twitter was hacked, wherein 200 million Twitter users were affected as the hackers stole their email addresses, and then they even posted the details on an online hacking forum. The information about the incident emerged from a security researcher. The co-founder of Israeli cybersecurity-monitoring company, Hudson Rock – Alon Gal, wrote on LinkedIn that the breach will result in a lot of targeted phishing, hacking, and doxing. And to date, this is one of the most significant leaks he has ever seen.

After Gal posted on social media about the hacking on 24 December, Twitter has not yet made any other comment on this report nor have they responded to breach-related inquiries from that date. So, there is no clarity on which action has been implemented by Twitter or steps to examine the issue. Since then, screenshots of the leaked email addresses posted on the online hacking forum have been widely circulated online.

However, there has been no independent source to verify the data, which has taken the internet by storm. Thus, it is not sure whether the data and the news about the hacking came from an authentic place. The creator of the breach-notification site, Troy Hunt of Have I Been Pwned went through the leaked details and opined through a tweet that it seems to be pretty much like what has been described.

But who has hacked or is the one behind the breach, no clues are available as to the location and identity of the person or group. The hacking of email addresses could have taken place early in 2021. Or a period well before last year, when Elon Must had ownership of the company. In December, the early accounts and the claims about the scope and size of the breach were also reported variedly, indicating that 400 million phone numbers and email addresses were stolen.

The information about the data breach on Twitter may however be a subject of interest for regulators on either side of the Atlantic. Twitter has its headquarters in Europe as The Data Protection Commission in Ireland and the U.S. Federal Trade Commission. These regulatory bodies have yet to respond to the breach. But they are the ones who oversee Twitter’s compliance with data protection rules in the Europe and U.S. consent order.