Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Twitter: check if your email address is among the 200 million leaked
#1
Exclamation 
Quote:Over 200 million email addresses were copied from Twitter in early 2023. News of the leak broke when the email addressed turned up in a hacking forum.

[Image: twitter-email-leak.png]

Active Twitter users and those who signed up for the messaging service in the past, but have not used the service actively for some time, may want to know whether their email address was included in the leak.

The data appears to have been obtained in 2021. The malicious actor abused an API that allowed "email addresses to be resolved to Twitter profiles".

The popular Have I Been Pwned website added the over 200 million email addresses to its database. Any user may check if a particular email address was included in the leak.

To check, simply visit the website linked above and enter the email address that you want to check. The site reveals if the email address was leaked in the Twitter hack or in any of the other password databases that it is aware of.

Note that the Twitter password was not included in the leak. Malicious actors may use the information for a number of activities, including:
  • Sending out phishing emails. Since email addresses, user names, names and other account information leaked, these may be used to make the phishing emails look more authentic.
  • Brute force attacks to get into certain accounts.
  • Other social engineering attacks, e.g., through chats and maybe even regular mail.
Some password managers collect public leak databases to inform their customers and users about leaked passwords. Users of the free local password manager KeePass, for instance, may check their passwords locally against the Have I Been Pwned database. Several online password managers and password managers of web browsers include similar functionality.

Email forwarding services may help in cases like these. Services, like Mozilla's Firefox Relay, AnonAddy, SimpleLogin, or DuckDuckGo's email protection service may be used for that.

Now You: do you use email forwarding services or password leak checkers?
...
Continue Reading
[-] The following 1 user says Thank You to harlan4096 for this post:
  • ismail
Reply
#2
Unfortunately, one of my Twitter accounts was on the list. Hopefully I do not get spammed!

What Ghacks mentions about using email forwarding services to signup for online sites will help negate this problem in the future. I only recently started using them over the past couple of years, but I still have to convert some of my older accounts over.
[-] The following 2 users say Thank You to ray for this post:
  • harlan4096, ismail
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Website X5 Go 2024.1
Website X5 Go 2024.1...zevish — 09:32
Apple's rules to allow third-party app ...
Apple has announ...alison30 — 09:28
Intel: Microsoft AI PCs need a Copilot K...
Microsoft hopes th...harlan4096 — 08:55
Synchredible 8 Professional Edition v8.2...
          Synchredib...zevish — 08:54
GFYI [Official] EaseUS Data Recovery Wi...
I utilize EaseUS Par...zevish — 08:10

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
harlan4096's profile harlan4096
Administrator

>