Twitter gave an update on the investigation it initiated after discovering that the personal information of 200 million users was being sold online.
There is no proof that the data were obtained through breaking into the company's systems.
Since the 200 million dataset was not collected by abusing Twitter's servers, it was unable to be correlated with the previously disclosed incident.
The business emphasised that the vast amount of data is probably a component of a publicly accessible dataset that comes from various sources.
Based on data and intelligence analysed to look into the matter, there is no proof that the information being sold online was obtained through abusing a flaw in Twitter's infrastructure.
Source: https://securityaffairs.com/140683/data-breach/twitter-investigation-update.html
"id": "TWI1659131023",
"linkid": "twitter",
"type": "Data Leak",
"date": "01/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"