Have a Twitter account? Your personal info might be included in this leak

November 29, 2022

By Kim Komando

When sites and services get popular, they become enormous targets for cybercriminals. Obviously, that’s because there are more potential victims to exploit.

Even though Twitter is going through a rough patch, it still has millions of users globally. That made the Twitter data breach we reported in July frightening for users. In that breach, at least 5.4 million Twitter users had their data exposed. Tap or click here for more details.

The data was made available for sale on a hacker forum for $30 million and reportedly included the users’ names, phone numbers and email addresses. But things just got worse. A newly discovered batch of data shows that millions more Twitter users’ data is at risk. Keep reading to find out what’s happening.

Here’s the backstory

A flaw in Twitter’s application programming interface (API) let thieves skim millions of Twitter IDs by submitting a number or email to the system. Not only did this put user data at risk, but it can be used to expose users who restricted their profiles.

While Twitter acknowledged the breach of 5.4 million accounts, the actual number might be closer to 7 million. That’s because a batch of 1.4 million more Twitter users’ data has been discovered.

According to Gizmodo, the original data of the 5.4 million users showed up on a hacker forum last week. They noted that the additional 1.4 million from suspended accounts may still spread in private circles.

The uploader of the stolen data claims that the 1.4 million additional records were not supposed to be made public, with many speculating that millions more other records might still be exposed.  

What you can do about it

Twitter’s massive reach globally makes a data leak a frightening prospect. With millions of users’ data exposed, it’s an excellent time to take some safety precautions.

Here are a few things you should do following a data breach:

• Immediately change your password or username for the impacted account. This is the best defense against a data leak.
• Beware of phishing emails hitting your inbox. Scammers piggyback on breaches by sending malicious emails to trick you into clicking their links that supposedly have important information. Look for strange URLs, return addresses, and spelling and grammar errors.
• Use unique, complex passwords for every online account that hackers can’t easily guess. If you use the same credentials for multiple accounts and one account suffers a leak, it puts all the other accounts at risk.
• Where offered, use two-factor authentication (2FA). This adds another layer of protection beyond passwords when logging into an account. Tap or click here for more information on using 2FA.
• Change your passwords often, at least once every six months, to minimize the risk of a security breach. You can also check your email address against known database leaks and breaches through haveibeenpwned.com.
• Always have a trusted antivirus program updated and running on all your devices. We recommend our sponsor, TotalAV. Get an annual plan with TotalAV for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!

Keep reading

Free app to quickly remove your pics and posts on Facebook, Twitter and more

What is Hive? How to use the popular new Twitter alternative