MILLIONS of Twitter accounts were potentially affected in a data breach across Europe and the United States.

Last week, cybersecurity expert Chad Loder drew attention to last year’s breach on Twitter and within hours their account was suspended. 


Millions of Twitter users across Europe and the US have been impacted by a data breachCredit: Getty
Cybersecurity expert Chad Loder flagged the breach last week


Cybersecurity expert Chad Loder flagged the breach last weekCredit: Twitter/@chadloder
The data breach affects users who have a specific discoverability setting enabled


The data breach affects users who have a specific discoverability setting enabledCredit: Twitter/@chadloder

On November 23, Loder, who is nonbinary and uses they pronouns, revealed they received evidence of the “massive breach” that occurred “no earlier than 2021.”

“This Twitter data breach has not been reported before,” Loder wrote in a Twitter thread captured by WayBack TimeMachine

Loder detailed that any Twitter account that has the discoverability setting which allows others to find your account “by your phone” activated were affected by the breach. 

“All accounts for the entire country code of France (+33) are listed in the dataset with their mobile numbers,” Loder said, revealing that the breached data set also includes verified accounts, celebrities, politicians and government agencies. 

Official warning for all Microsoft users as data breach confirmed
Hacker claims to have leaked 500million WhatsApp numbers on Dark Web

“From what I have confirmed, the breached Twitter data covers, at a minimum, the full phone number spaces for multiple country codes in the EU, and some area code in the US.”

According to Info-Security Magazine, the breached data included Twitter IDs, names, logins, locations, verified status information, phone numbers and emails. 

To see if your account has this setting enabled, go to your Twitter account and open Settings & Privacy. 

From there click on the menu item “Privacy and safety.” 

Most read in News Tech

Next click on “Discoverability and contacts.” 

There users can see if they have the setting enabled and can choose to turn it off by selecting the slider. 

Only hours after revealing the breach, Loder posted on their Mastodon account: “Elon Musk suspended me.” 

The apparent breach comes months after Twitter admitted the social media platform was subject to a similar one earlier this year. 

In January 2022, the tech giant was first made aware of that breach, which allowed hackers to learn information about certain accounts through phone numbers and emails. 

Several months later in July, Twitter learned that “someone had potentially leveraged this and was offering to sell the information they had compiled.”

While Twitter did not admit to the breach until August, they claim the initial breach was fixed when they were made aware of it in January. 

Last week, Loder revealed they compared the recently breached data to the data from the earlier breach. 

“It is NOT the same data,” the cybersecurity expert wrote. 

“Completely different format, different affected accounts. Likely multiple actors all exploiting the same vulnerabilities in 2021.” 

Catfish, 28, 'bound & gagged family of girl he met online before killing them'
Pete 'looks free with Emily after high maintenance Kim but gestures not sexual'

Loder was referring to an update to Twitter’s code in June 2021 that resulted in this year’s breach. 

It was not immediately clear why his account was suspended.

You Might Like
Learn more about RevenueStripe...