The breach may have taken place as early as 2021(Picture: Dominic Lipinski/PA Wire)
Stolen email addresses of more than 200 million Twitter users have been posted on an online hacking forum, according to a security researcher.
On Wednesday, Alon Gal, co-founder of Israeli cybersecurity-monitoring firm Hudson Rock, took to social media to post about the alleged hack, calling it ‘one of the most significant leaks I’ve seen’.
Gal warned that the breach would ‘lead to a lot of hacking, targeted phishing and doxxing’.
Twitter has not commented on the report, which Gal first posted about on social media on 24 December, nor responded to inquiries about the breach since that date.
It’s unclear if Twitter has taken any steps to investigate or remediate the alleged leak.
Reuters could not independently verify the data on the forum was authentic and came from Twitter. Screenshots of the hacker forum, where the data appeared on Wednesday, have circulated online.
Troy Hunt, creator of breach-notification site Have I Been Pwned, viewed the leaked data and said on Twitter that it seemed ‘pretty much what it’s been described as’.
There were no clues to the identity or location of the hackers behind the breach that may have taken place as early as 2021, much before Elon Musk took over ownership of the company last year.
Claims about the size and scope of the breach initially varied with early accounts in December saying 400 million email addresses and phone numbers were stolen.
Last year, Twitter’s former head of security, Peiter Zatko, accused the company of falsely claiming to have a solid security plan.
Zatko said that he had warned colleagues that half the company’s servers were running out-of-date and vulnerable software.
MORE : Pictures of woman on toilet taken by robot vacuum cleaner leaked online
MORE : Piers Morgan’s Twitter account quietly restored after being hacked with offensive tweets
The breach may have taken place as early as 2021.