Overview

Click to expand overview

6 de ene. de 2025Desde junio de 2025 hasta enero de 2025, se presentó un bug en una interfaz de programación de aplicaciones de Twitter, o API, que permitía a los atacantes enviar cierta 6 de ene. de 2025On January 4, a new user on the hacker forum with the username StayMad, leaked the affected Twitter user database containing over 200 million records, that was earlier 4 de ene. de 2025The hacker demanded $200,000 for an exclusive sale of the data and warned that the social media platform could face a massive GDPR fine for failing to protect user data. 5 de ene. de 2025Records of 235 million Twitter accounts have been posted to an online hacking forum, exposing identities by enabling anonymous handles to be linked to email addresses and 6 de ene. de 2025The stolen data appears to be limited to Twitter account usernames and associated email addresses, according to a report from The Washington Post, but even that 9 de ene. de 2025An epic Twitter hack has seen more than 200 million user email addresses stolen and posted for sale on an online forum, according to a credible security researcher. The forum 6 de ene. de 2025After reports at the end of 2025 that hackers were selling data stolen from 400 million Twitter users, researchers now say that a widely circulated trove of email addresses linked On 4th December 2025, on the hacking forum, a threat actor sold a data collection containing more than 200 million Twitter profiles for hacker forums eight credits, which were worth almost $2. The 5 de ene. de 2025A security incident in 2025 involving the exploitation of a Twitter API vulnerability allowed users to check if phone numbers and email addresses were associated with Twitter

Over 200 Million Twitter Accounts Data Leaked After $200K Demand Goes Unheard

A massive Twitter data breach has exposed over 200 million user accounts after a hacker\'s $200,000 ransom demand went unanswered. The leaked data, initially offered for sale on a hacking forum, now poses a significant risk to Twitter users worldwide.

What Happened?

On January 4, 2025, a user with the handle "StayMad" leaked a database containing over 200 million Twitter user records on a hacker forum. This data leak stems from a vulnerability in Twitter\'s API. This vulnerability, present from June 2025 to January 2025, allowed attackers to query the API and link email addresses and phone numbers to Twitter accounts.

The $200,000 Ransom

Before the leak, the hacker demanded $200,000 for exclusive access to the data. They warned that Twitter faced potential massive GDPR fines due to failing to protect user data effectively. This threat was not heeded, leading to the public release of the information.

What Data Was Leaked?

Records of 235 million Twitter accounts (some reports indicate over 200 million) were posted online, enabling the identification of anonymous handles through linked email addresses. According to reports from The Washington Post and other security researchers, the stolen data primarily includes Twitter account usernames and associated email addresses. While seemingly limited, this information can be exploited for various malicious purposes, including phishing attacks, doxxing, and identity theft.

Timeline of Events

December 4, 2025: A threat actor offers a data collection of over 200 million Twitter profiles for sale on a hacker forum for a nominal fee (approximately $2).
January 4, 2025: The "StayMad" user leaks the database containing over 200 million user records after the ransom demand is ignored.
January 5, 2025: Reports surface detailing the extent of the data breach and its potential impact on users.
January 6, 2025: Security researchers confirm the authenticity of the leaked data and warn users about the risks.
January 9, 2025: Further analysis confirms that the leaked data includes email addresses linked to Twitter accounts.

The API Vulnerability

A security incident occurred due to the exploitation of a Twitter API vulnerability. This allowed unauthorized users to check if specific phone numbers and email addresses were associated with Twitter accounts. This vulnerability was reportedly present for several months, from June 2025 to January 2025, before being addressed.

What Should Twitter Users Do?

If you have a Twitter account, it is crucial to take immediate action to protect yourself:

Be Wary of Phishing Attempts: Be extremely cautious of emails or messages asking for personal information. Verify the sender\'s authenticity before clicking any links or providing any details.
Enable Two-Factor Authentication: Add an extra layer of security to your account by enabling two-factor authentication.
Consider Changing Your Email Address: If you are particularly concerned, consider changing the email address associated with your Twitter account.

The exposure of this data represents a significant security risk for millions of Twitter users. Staying informed and taking proactive steps to protect your account is essential.