200M Twitter Users Data in BreachForums

Data pertaining to nearly 200 million Twitter users have been published on a hacking forum two weeks after data relating to 400 million Twitter users was offered for sale on the same forum.

The data is available to download from BreachForums, the listing describes the data as a “DB/Scrape Leak,” meaning that the data was gathered through access to Twitter and scraping public information. The database includes email addresses, names, screen names, the number of followers each Twitter user has and the date each joined Twitter.

This data listing comes from a different user than the previously offered 400 million Twitter records. The earlier data was believed to have been gathered by exploiting an application programming interface vulnerability that Twitter fixed in January 2022.

A second listing from a different user on Breach Forums claims to have taken the same data dump and cleaned it up, including removing duplicates. The second listing also claims that the records indicate that the information was collected from early November 2021 through Dec. 14, 2021.

Researchers warned that these data sets could be used to initiate social engineering or “doxing” campaigns.

The data breach that led to the listing on BreachForums is also subject to an inquiry by Ireland’s privacy regulator.