Earlier this year, Twitter confirmed the data breach of more than 5.4 million social network users, which were extracted by attackers using an API vulnerability. Now this information, including phone numbers and email addresses, is published on one of the hacker forums.

The owner of the hacker forum Breached has confirmed that he is the person who collected the data of millions of Twitter users using an API vulnerability. He also announced that he had at his disposal a database with the data of 1.4 million social network users whose accounts he temporarily blocked. This database, according to him, was collected using a different API, but the hacker refused to disclose details.

Information security expert Chad Loder said that the Twitter API vulnerability could be used to collect data from tens of millions of platform users. Along with public information, the vulnerability could be used to extract user phone numbers, email addresses, etc. A data dump recently discovered by the researcher may contain information about more than 17 million Twitter users from around the world.

Note that the phone numbers and email addresses of Twitter users can be used by attackers for phishing and other fraudulent schemes. Users are advised to be careful about messages purporting to come from Twitter. It will also not be superfluous to switch to using two-factor authentication when authorizing on the platform.