Twitter data breach exposes personal information of 5.4M users

Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.

Twitter data breach overview: 

• Who: Twitter confirmed that a data breach exposed the personal information of 5.4 million of its users. 
• Why: The data breach was the result of a vulnerability that allowed anyone who entered an email address or phone to discover the Twitter ID connected to that information. 
• Where: Consumers worldwide use Twitter.

Twitter confirmed a data breach exposed the contact information of 5.4 million account holders on its social networking platform. 

The stolen data, which connects phone numbers and email addresses to Twitter accounts, is reportedly for sale on a hacking forum for a $30,000 asking price, RestorePrivacy reports. 

The data breach reportedly occurred due to a vulnerability on Twitter’s platform discovered in January; Twitter has since acknowledged and patched the vulnerability. 

The vulnerability allowed anyone who entered a phone number or email address to find the connected Twitter ID, even for users who had chosen to have this information hidden in their privacy settings, RestorePrivacy reports. 

It is speculated that the hacker was able to obtain email addresses and phone numbers from other data breaches and used this data to search for associated Twitter accounts, according to RestorePrivacy. 

There is currently no way for Twitter users to find out if they were affected by the Twitter data breach, reports 9to5mac.  

Data breach settlement comes after Twitter settled claims it concealed engagement decline from investors

Last year, Twitter agreed to pay $809.5 million to resolve investors’ claims that it attempted to conceal a decline in user engagement by not reporting timeline views and being intentionally vague about how its user metrics functioned. 

Investors had argued that Twitter’s alleged actions of not honestly reporting the amount of engagement it had on a daily and monthly basis served to artificially inflate its stock price. The company denied any wrongdoing. 

In 2020, meanwhile, Twitter faced a separate class action lawsuit accusing it of fraudulently obtaining phone numbers that were allegedly then used for advertising purposes. 

The Twitter user behind the class action lawsuit argued Twitter violated a Washington state privacy law and misled her by allegedly falsely assuring that she would be in control of how the company could use her phone number. 

Are you worried you may have been affected by the Twitter data breach? Let us know in the comments! 

Read About More Class Action Lawsuits & Class Action Settlements:

• Data breach class actions seek to hold companies responsible for lack of security
• Data breach average cost tops $9.5M, according to report
• Health care data breach exposes data of 650+ medical providers
• LendingTree class action alleges data breach exposed data of 200K customers