Twitter says leaked user data wasn't stolen from its systems

Twitter logo displayed on a smartphone
(Image credit: Shutterstock / XanderSt)

The leak of over 200 million email addresses belonging to Twitter users is not a result of an internal vulnerability being abused, the company has claimed.

In an update posted to the company website, the microblogging platform addressed the speculations that the threat actors abused the same vulnerability that was patched in January 2022, which hackers used to share details on more than five million Twitter users.

"In response to recent media reports of Twitter users' data being sold online, we conducted a thorough investigation and there is no evidence that data recently being sold was obtained by exploiting a vulnerability of Twitter systems," the company said. "[The] 200 million dataset could not be correlated with the previously reported incident or any data originating from an exploitation of Twitter systems," it added.

Data taken elsewhere

"None of the datasets analyzed contained passwords or information that could lead to passwords being compromised." Instead, Twitter believes the leak is an amalgamation of publicly available databases gathered elsewhere, likely through separate leaks. "The data is likely a collection of data already publicly available online through different sources,” it claims. 

Some experts are questioning Twitter’s arguments, asking why the company did not explain how the leaked data was accurately linked to email addresses associated with people’s Twitter accounts. 

The microblogging platform said it reached out to relevant data protection authorities and other organizations to provide more details about the incident.

In late November 2022, researchers discovered a major data dump of sensitive identity information, claiming it was probably due to a vulnerability that allowed anyone to cross-check if an email address or a phone number was associated with a Twitter account, and if so - which one. 

Millions of users from the US and EU were exposed, and the media managed to confirm the authenticity of at least some of the data posted to the dark web. 

Via: BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
SearchGPT OpenAI
Hackers offer 20 million OpenAI credentials for sale, but it says there's no evidence of a breach
Cartoon Phishing
One of the largest data leaks ever sees info on 1.5 billion people leaked online
the YouTube logo on a screen in front of other YouTube logos covering a black background
Worrying YouTube security flaw exposed billions of user emails
Data leak
Top collectibles site leaks personal data of nearly a million users
Data leak
A major Keenetic router data leak could put a million households at risk
The X logo next to a silhouette of Elon Musk
Who was really behind the massive X cyberattack? Here’s what experts say about Elon Musk’s claims
Latest in Security
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Android Logo
Devious new Android malware uses a Microsoft tool to avoid being spotted
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Ransomware
Cl0p resurgence drives ransomware attacks to new highs in 2025
Google Chrome
Google Chrome security flaw could have let hackers spy on all your online habits
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Latest in News
A young woman is working on a laptop in a relaxed office space.
I’ll admit, Microsoft’s new Windows 11 update surprised me with its usefulness, providing accessibility fixes, a gamepad keyboard layout, and PC spec cards
inZOI promotional material.
inZOI has become the most wishlisted game on Steam, but I wouldn't get too caught up in the hype
Xbox Series X and Xbox wireless controller set to a green background
Xbox Insiders are currently testing a new Game Hub feature that looks useful, but I've got mixed feelings about it
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Nespresso Vertuo Pop machine in Candy Pink with coffee drinks and capsules
My favorite Nespresso coffee maker just got a fresh new makeover, and now I love it even more
Microsoft Surface Laptop and Surface Pro devices on a table.
Hate Windows 11’s search? Microsoft is fixing it with AI, and that almost makes me want to buy a Copilot+ PC