
Private Profile Information of 5.4 Million Twitter Users Exposed


A Twitter API vulnerability in 2021 resulted in a leak that left private information for 5.4 million users exposed.


This was a scraping hack that involved multiple parties who were able to plug in phone numbers and emails and then extract contact and platform information that was not publicly available. As of January 2022, Twitter had fixed the vulnerability.


The contents of this breach were originally posted for sale in a forum for $30,000 in July of 2022. In September 2022 the contents were dumped in another forum, this time including data of an additional 1.4 million users that had been suspended. Then it was dumped yet again into a public forum in November, this time sans the suspended user data.


The data from this breach has been confirmed to be freely available, but it is believed there is a much larger data set, from a different breach, privately circulating among hackers.


So what was actually contained in this breach? According to BleepingComputer, the owner of the hacking forum Breached confirmed that information such as private email addresses, phone numbers, location, follower and friend counts, and verified status was included in the contents.


The type of information leaked is often used in phishing scams that could look like account suspension warnings and claims that verified status will be lost unless the user takes action.



