A large amount of information about Twitter users linking account names to email addresses has been released by hackers for free.
Many people are not too concerned about their email addresses falling into the hands of criminals. But why should you worry here.
On December 23, 2022, a user on a popular hacking forum reported that Twitter exploited a vulnerability in its API to harvest the personal information of 400 million users. He provided a sample of this data, which included email addresses, names, usernames, account creation dates, follower counts and, in some cases, phone numbers.
While the data was offered for sale, the hacker also offered to buy the data exclusively for Twitter to avoid fines related to the breach.
As Gizmodo reported on January 3, 2023, forum user StayMad revealed that the loot was actually “only” 200 million user accounts and did not contain phone numbers. . Other users have speculated that sales information and phone numbers were added to the sample to increase prices.
StayMad has also posted a link to download the data as a 67GB archive for free.
Even though personal information is limited to your email address, it can still cause some major headaches.
Information is available to everyone, not just criminals.
Under normal circumstances, information obtained from a data breach is sold on the dark web and used by criminals for possible financial gain. Since Twitter data is freely available, it can be used by anyone who is interested, doesn’t like what you have to say on the platform, or simply likes your profile picture.
Instead of being limited to a relatively small charity, your email address can be used and abused by anyone with an internet connection and the patience to download it.
Your email address facilitates bullying
You can post your life on Twitter and other platforms, but there are some details you want to keep off the site and some people you really don’t want to interact with or hear from. We’ve already shown how easy it is to find someone’s username on several platforms, but on most platforms you can block a person or, at worst, leave them completely. If you previously blocked someone on Twitter, they can now email you instead.
Your email security is compromised
If you Google your email address, it won’t show up. This means hackers and criminals are unlikely to know about it, and accounts you use this email address for are less likely to be targeted. Now that your email address is known to the world, it can be attacked. Criminals can use the information in your Twitter feed to increase their chances of cracking your password or tailor their spear-phishing attacks to increase their chances of success.
You are more susceptible to doxing.
Even if you have an anonymous Twitter account or just try to keep certain parts of your life private, your email address can provide a valuable clue to your true identity. This may seem like a small detail, but it’s probably one that attackers didn’t have before. This may include your full name or place of residence. It may be related to your school or the company you work for. This information can be added together until it is enough to identify you as an individual, which is doxxing.
Twitter’s data flaw is more dangerous than it seems.
While other recent data breaches have exposed more information, the Twitter data breach offers attackers and hackers the ability to link your email address to the intimate details of your life. To prevent this from happening to you in the future, please use an email alias when registering for an account on the Platform or Service.