Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Evening Standard
Evening Standard
Technology
Evening Standard Reporter

Hackers reportedly compromise 200 million Twitter users’ details

Trust in Elon Musk’s company is fading fast

(Picture: Elon Musk via AP)

The email addresses of more than 200 million Twitter users have reportedly been compromised in a data breach.

The UK has around 18 million Twitter users, but it’s unknown how many British users may have been impacted.

The social-media site has not yet confirmed the attack, but co-founder of Israeli cybersecurity firm Hudson Rock Alon Gal, who first announced the breach in a Linkedin post, called it ‘’one of the most significant leaks’’ he had ever seen.

Gal confirmed that the information, posted on a popular internet message board where cybercriminals share data, will likely ‘’lead to a lot of hacking, targeted phishing, and doxxing’’.

Though Gal’s claims have yet to be officially verified, he was able to share screencaps from the online boards to verify his claims.

The Elon Musk-led company has shed numerous IT staff since the $44 billion takeover was finalised in November, which sliced the company’s headcount nearly in half, as part of the tycoon’s cost-cutting measures.

A data breach has happened at Twitter (Yui Mok / PA)

This transition has taken much of the company’s key cybersecurity staff with it; Twitter’s information security chief Lea Kissner resigned via a Tweet in November last year.

However, it’s unknown whether the breach occurred while the firm was under Musk’s tenure and the data could have been compromised well before then.

Meanwhile, Twitter has been under attack for its alleged cybersecurity practices for years.

Twitter’s former head of security, Peiter ‘Mudge’ Zatko, alleged in August 2022 that in a filing to the US Securities and Exchange Commission, the Federal Trade Commission, and the US Justice Department, “he uncovered extreme, egregious deficiencies by Twitter in every area of his mandate, including… user privacy, digital and physical security, and platform integrity / content moderation”.

Zatko, who served at Twitter from November 2020 to January 2022, was fired by the previous Twitter CEO Parag Agrawal, who accused the exec of spreading false narratives.

The claims included allegations that 30 per cent of Twitter employees had disabled software and security updates on their devices.

Ceri Shaw, chief delivery officer at CodeClan, advises Twitter users to closely monitor suspicious activities, such as “password-reset emails, unusual pop-ups on their device, and targeted phishing emails”.

Shaw also strongly advises Twitter to consider looking at their security settings and regularly update passwords so that they are difficult to guess.

She added: “Passwords should use a combination of special characters, letters, and numbers, and should have no relevance to any of your personal information.”

The financial repercussions for Twitter in the wake of an incident like this could well be extremely steep, and we’ve seen multiple big tech firms receive multi-million fines as a result of serious data protection slip-ups.

In November 2022, Irish data-protection regulators fined Facebook owner Meta €265 million (£230m) in relation to a breach that led to more than 500 million users having their details leaked online, which supposedly affected a significant number of EU users.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.