Twitter Finds No Evidence of Vulnerability Exploitation in Recent Data Leaks

Twitter says it has analyzed the recently advertised databases allegedly containing the information of hundreds of millions of its users and found no evidence that a vulnerability has been exploited.

In August 2022, Twitter informed customers that a vulnerability in its systems had been exploited to obtain user data. The flaw, patched in January 2022, was used to determine whether a specified phone number or email address was tied to an existing Twitter account.

Twitter confirmed exploitation of the vulnerability after reports started circulating that the flaw had been leveraged to collect data on 5.4 million users.

A few months later, a cybersecurity expert said he had obtained a database that appeared to show the Twitter data breach was far bigger than initially reported, with tens of millions of impacted accounts.

Twitter said the data was the same in both cases, but it never clarified exactly how many users are believed to be impacted.

In December, just before Christmas, someone offered to sell a database of 400 million Twitter user records allegedly obtained through the exploitation of the same flaw.

A few weeks later, in early January, an individual leaked a database containing the information of roughly 235 million Twitter users, including name, username, email addresses, follower count, and account creation date. Experts who analyzed the publicly available data said it likely came from web scraping.

Twitter confirmed on Wednesday that the 200 million records were not obtained through the exploitation of the vulnerability patched in January 2022, nor other weaknesses in its systems.

In addition, the social media giant clarified that the 200 million records actually appear to be the same dataset as the previously sold 400 million records, but with duplicate entries removed.

The company also clarified that none of the leaked databases contained any passwords or other information that could lead to passwords getting compromised.

“Based on information and intel analyzed to investigate the issue, there is no evidence that the data being sold online was obtained by exploiting a vulnerability of Twitter systems. The data is likely a collection of data already publicly available online through different sources,” Twitter said.

Ireland’s Data Protection Commission (DPC) announced in December that it had launched an investigation in response to the data leak reports involving 5.4 million Twitter users.

In the statement published this week, Twitter said, “We are in contact with Data Protection Authorities and other relevant regulators from different countries to provide clarification about the alleged incidents, and we will continue to do so.”

Just like Facebook, Twitter has its European headquarters in Ireland. Facebook and Instagram have been issued hundreds of millions of euros in fines in the past year in Ireland over data privacy violations.

The individual offering to sell the 400 million records was actually hoping that the massive fines issued to other social media companies would convince Twitter to buy the data itself to prevent it from getting leaked.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
