What happened

According to public breach records, the Twitter (200M) data breach on January 1, 2021 is reported to have exposed the personal information of 211,524,284 accounts.

In early 2023, over 200M records scraped from Twitter appeared on a popular hacking forum. The data was obtained sometime in 2021 by abusing an API that enabled email addresses to be resolved to Twitter profiles. The subsequent results were then composed into a corpus of data containing email addresses alongside public Twitter profile information including names, usernames and follower counts.

In 2021, threat actors exploited a Twitter API flaw that let anyone submit an email address or phone number and confirm the Twitter account tied to it. They used the flaw to resolve large lists of emails and phone numbers from prior breaches to public profiles. Twitter fixed the flaw in January 2022, and a dataset of roughly 211 million unique email addresses paired with names, usernames, and follower counts was published on a hacking forum in January 2023. This was an abuse of a legitimate API feature at scale rather than a hack of Twitter's internal systems, and a noted breach researcher reported that most of the email addresses had already appeared in earlier breaches.

What data was exposed

The following types of personal data were compromised:

  • Email addresses
  • Names
  • Social media profiles
  • Usernames

Breach details

| Detail | Value |
| --- | --- |
| Breach name | Twitter (200M) |
| Date | January 1, 2021 |
| Accounts affected | 211,524,284 |
| Domain | twitter.com |

This summary is compiled from public breach-notification data and known leak databases. Figures reflect what those sources report and may be revised as more is learned. If something here looks wrong or you think your information is involved, contact our support team.

We report breaches as a factual record to help people check their exposure. Inclusion here is not an allegation of wrongdoing or negligence by Twitter; it reflects a publicly reported security incident.

What to do now

Based on the data exposed in this breach, here are the steps you should take:

  • Watch for targeted phishing emails that reference your name or Twitter username, since the leak ties your email directly to your account.
  • Enable two-factor authentication on your Twitter account and any other account that shares the exposed email address.
  • Use an email alias or unique address for social media so a leaked email cannot be linked across your other accounts.
  • Tighten your Twitter privacy and discoverability settings, and remove your email and phone from account lookup options.

Check your exposure

Data breaches are one of the ways your personal information ends up on data broker sites. Run a free scan to see which sites are exposing your personal data — and take action to remove it.
