Hacker offers to sell over 200 million compromised Twitter profiles

A post by an unknown threat actor on the Breached hacking forum is allegedly offering a data set composed of 200 million compromised Twitter accounts for around $2, BleepingComputer reports. The data set has a combined size of 59 GB and is composed of six text files compiled in a RAR archive. One Twitter user profile is named in each line in the file, along with an email address, screen name, real name, account creation date, and follow count. The validity of the full data set has not been confirmed, but initial testing has validated many of the included email addresses. The threat actor claims that this set is the same as a set of 400 million Twitter profiles that were put up for sale earlier but modified to remove duplicates, though testing showed duplicates are still present. The leak is part of a 2021 data breach that exploited an API vulnerability in Twitter and whose stolen data multiple threat actors have been leaking online since July 22, 2022.