It seems that the new head of Twitter, Elon Musk, in addition to image problems related to the dismissals of the platform's employees, will have to face further adversities. The data of over 5 million users of the platform has been made available on the hacking forum.
.webp)
History repeats itself
A few days ago, we wrote that WhatsApp suffered a huge data leak. At that time, it was confirmed that the hackers had put up for sale a database containing almost 500 million phone numbers of active users of Messenger. Now there is information about another such situation, which this time concerns the social networking site Twitter.
The first information that there is a vulnerability in the Twitter API appeared in January 2022. In July, a hacker began selling the private data of 5.4 million Twitter users on a hacking forum for $30,000.
And while most of the data consisted of public information such as Twitter username, name, location, and status, it also contained sensitive information such as phone numbers and email addresses.
![]() |
This data was collected in December 2021 using a Twitter API vulnerability exposed in the HackerOne bug bounty program. Using the user ID, cybercriminals could capture public account information as well as private information considered sensitive.
The situation seems really serious
In addition to the 5.4 million records, information on an additional 1.4 million Twitter profiles for suspended users has been released. They were collected using a different API, giving a total of almost 7 million Twitter profiles.
![]() |
Sample User Data Record (Source: BleepingComputer) |
An even larger data intercept was allegedly created using the same vulnerability. This in turn potentially contains tens of millions of Twitter data consisting of phone numbers and other data collected using the same API bug. BleepingComputer obtained a data leak file that contained over a million user numbers from France. The service has confirmed that the phone numbers are correct.