Massive Data Exposure on X (Twitter) Affects 200 Million Users

Pietro Melillo: July 8, 2024 1:51 p.m

Recently, X (Twitter) experienced a massive data exposure, compromising nearly 200 million user records. This incident could be one of the largest exposures of user data in recent history, jeopardizing the security and privacy of millions of users. In this article, we analyze the details of the exposure, its implications, and the potential risks to affected users.

Currently, we are unable to accurately confirm the authenticity of the breach, as no press release regarding the incident has been issued on the official website. Therefore, this article should be used as an “intelligence resource”.

Scope and source of data flow

The leaked database contains a large amount of data, totaling 9.4 GB. The source of the breach is a Twitter database or a copy of it, which was published on a popular hacking forum dedicated to breaches and data leaks. The topic title “9.4GB Twitter Database Leak – Exposing over 200 million records containing email addresses, names and Twitter account details” highlights the severity and scale of this data leak.

Details of the data leak

The malicious actor responsible for releasing the database, known as “michupa”, recently created an account on the forum (July 7, 2024). In the thread, “michupa” provides an overview of the incident, specifying that the breach is the most recent and involved over 200 million records. The sample of leaked data contains information such as email addresses, names, screen names, number of followers and account creation dates.

Types of data exposed

Exposed data includes:

• Email addresses
• Names
• X account details (screen names, number of followers, account creation dates)

Email addresses associated with Twitter accounts can be used for phishing, spamming, or other malicious activities. Twitter usernames and account information, including screen names and other profile details, can be used to identify individuals and potentially link them to other online profiles.

Implications and risks for users

Data exposure puts users at risk of various attacks, including phishing, identity theft, and social engineering schemes. With the large amount of personal information available, malicious actors can use this data to further compromise the accounts and systems associated with the affected email addresses.

Validity of Infringement

At the moment, we cannot exactly confirm the authenticity of the breach, as the organization has not yet released any official press release on their website regarding the incident. Therefore, this article should be considered an ‘intelligence source’ and not a confirmed report.

Conclusions and recommendations

The Twitter data breach poses a significant risk to the privacy and security of affected users. It is essential that affected users adopt appropriate security measures, such as changing passwords, enabling two-factor authentication, and being more alert to potential phishing attempts. Social platforms and relevant authorities should cooperate to mitigate the damage and prevent future violations of this type.

The incident serves as an important reminder of the importance of data security and the necessity of protecting personal information in an increasingly digital and interconnected world.

As is our custom, we always leave room for a statement from the company should they wish to provide us with updates on the matter. We would be pleased to publish such information in a specific article highlighting this issue.

RHC will monitor the evolution of the situation to publish further news on the blog, should there be substantial updates. If there are individuals informed of this matter who wish to provide information anonymously, they may use the whistleblower’s encrypted email.

Pietro Melillo
The head of the Dark Lab group. A Computer Engineer specialized in Cyber ​​Security with a deep passion for Hacking and technology, currently CISO of WURTH Italia, he was responsible for Cyber ​​Threat Intelligence and Dark Web analysis services at IBM, conducts research and teaching activities on the topics of Cyber ​​Threat Intelligence at the University of Sannio, as a PhD student, author of scientific papers and development of tools to support cyber security activities. Leads CTI team “RHC DarkLab”