Twitter gave an update on the investigation it initiated after discovering that the personal information of 200 million users was being sold online.
There is no proof that the data were obtained through breaking into the company's systems.
Since the 200 million dataset was not collected by abusing Twitter's servers, it was unable to be correlated with the previously disclosed incident.
The business emphasised that the vast amount of data is probably a component of a publicly accessible dataset that comes from various sources.
Based on data and intelligence analysed to look into the matter, there is no proof that the information being sold online was obtained through abusing a flaw in Twitter's infrastructure.
Source: https://securityaffairs.com/140683/data-breach/twitter-investigation-update.html
TPRM report: https://scoringcyber.rankiteo.com/company/twitter
"id": "twi1659131023",
"linkid": "twitter",
"type": "Data Leak",
"date": "01/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '200 million users',
'industry': 'Technology',
'name': 'Twitter',
'type': 'Social Media Platform'}],
'data_breach': {'number_of_records_exposed': '200 million',
'type_of_data_compromised': 'Personal information'},
'description': 'Twitter discovered that the personal information of 200 '
'million users was being sold online. There is no evidence '
"that the data was obtained through a breach of the company's "
'systems. The data is likely part of a publicly available '
'dataset from various sources.',
'impact': {'data_compromised': 'Personal information of 200 million users'},
'investigation_status': 'Ongoing',
'title': 'Twitter Data Breach Incident',
'type': 'Data Breach'}