[{"Name":"Twitter","Title":"Twitter","Domain":"twitter.com","BreachDate":"2022-01-01","AddedDate":"2022-08-13T02:29:52Z","ModifiedDate":"2022-08-13T02:40:49Z","PwnCount":6682453,"Description":"In January 2022, <a href=\"https://www.bleepingcomputer.com/news/security/hacker-selling-twitter-account-data-of-54-million-users-for-30k/\" target=\"_blank\" rel=\"noopener\">a vulnerability in Twitter's platform allowed an attacker to build a database of the email addresses and phone numbers of millions of users of the social platform</a>. In a disclosure notice later shared in August 2022, <a href=\"https://privacy.twitter.com/en/blog/2022/an-issue-affecting-some-anonymous-accounts\" target=\"_blank\" rel=\"noopener\">Twitter advised that the vulnerability was related to a bug introduced in June 2021</a> and that they are directly notifying impacted customers. The impacted data included either email address or phone number alongside other public information including the username, display name, bio, location and profile photo. The data included 6.7M unique email addresses across both active and suspended accounts, the latter appearing in a separate list of 1.4M addresses.","LogoPath":"https://logos.haveibeenpwned.com/Twitter.png","Attribution":null,"DisclosureUrl":null,"DataClasses":["Bios","Email addresses","Geographic locations","Names","Phone numbers","Profile photos","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false,"IsStealerLog":false},{"Name":"Twitter200M","Title":"Twitter (200M)","Domain":"twitter.com","BreachDate":"2021-01-01","AddedDate":"2023-01-05T20:49:16Z","ModifiedDate":"2023-01-05T20:49:16Z","PwnCount":211524284,"Description":"In early 2023, <a href=\"https://www.bleepingcomputer.com/news/security/200-million-twitter-users-email-addresses-allegedly-leaked-online/\" target=\"_blank\" rel=\"noopener\">over 200M records scraped from Twitter appeared on a popular hacking forum</a>. The data was obtained sometime in 2021 by abusing an API that enabled email addresses to be resolved to Twitter profiles. The subsequent results were then composed into a corpus of data containing email addresses alongside public Twitter profile information including names, usernames and follower counts.","LogoPath":"https://logos.haveibeenpwned.com/Twitter.png","Attribution":null,"DisclosureUrl":null,"DataClasses":["Email addresses","Names","Social media profiles","Usernames"],"IsVerified":true,"IsFabricated":false,"IsSensitive":false,"IsRetired":false,"IsSpamList":false,"IsMalware":false,"IsSubscriptionFree":false,"IsStealerLog":false}]