Over 5.4 million Twitter user records containing non-public information have been shared for free on a hacker forum.
The Twitter data breach consisted of public information as well as private phone numbers, passwords and email addresses — that are clearly not meant to be public.
5.4 million peoples’ user records were stolen through a vulnerability known as an API (application programming interface) attack. This API vulnerability closed in January 2022.
BleepingComputer reported on Monday that the user records may have been just the tip of the iceberg for a much larger breach in company data.
Another, potentially more significant, breach of millions of Twitter records was disclosed by a security researcher. This shows just how abused this API bug was by hackers.
Twitter accepted blame for the original exploit in their API and the breach of millions of user IDs. The social platform said it had notified users who were impacted by the data breach.
What can you do?
If you have been affected by the breach, then the first thing you should do is improve the security on your profile.
The best way to do this is by creating a two-step security on the account. These are also known as Two-Factor Authentication (2FA).
The team at hotukdeals has written a discussion about how to do this and why it will help protect your account.
Have a read and protect your personal data accordingly.