Twitter Data Breach
Twitter API Scrape (2021): 211 Million User Email Addresses Linked to Public Profiles Exposed
Social media platform.
Risk Interpretation
Exposure enables harassment, phishing, doxxing, and account takeover. Public-interest and political activity on the platform can also amplify reputational and physical-safety risks.
Impact & Downstream Threats
This breach reflects the large-scale downstream packaging of Twitter user data into a corpus of more than 200 million records built from 2021 API abuse that allowed email addresses to be resolved to public profiles. Public breach tracking says the dataset paired email addresses with profile information such as names, usernames, and follower counts, making it especially useful for phishing, impersonation, doxing, spam targeting, and large-scale identity correlation far beyond the smaller set of d
- Targeted phishing campaigns using exposed email addresses
- Social media account targeting and impersonation
Threat Vectors
Breach Intelligence
Executive Summary
Twitter suffered a data breach affecting approximately 211.5 million user accounts after threat actors exploited a vulnerability in its application programming interface (API). The flaw, introduced in June 2021, allowed attackers to submit email addresses and phone numbers to the API and receive matching Twitter profile data in return. By late 2021, attackers had automated this process at scale, systematically building a dataset that linked private contact information to public profiles. The compiled records surfaced on a hacking forum in early 2023. The exposed data combined email addresses with public profile details including names, usernames, and follower counts. That pairing is particularly sensitive because Twitter was built on pseudonymous identity. Many users kept their real-world contact information separate from their public persona by design. This breach collapsed that separation, making it possible to identify the person behind an account. For activists, journalists, whistleblowers, and others who rely on that separation, the exposure creates concrete risks of harassment, doxxing, phishing, and targeted impersonation. Twitter disclosed an API vulnerability to regulators in August 2022, and Ireland's Data Protection Commission, which oversees Twitter's EU operations, opened an inquiry that resulted in a 5.4 million euro fine in 2023. That earlier disclosure involved a smaller confirmed dataset; the 211.5 million record corpus reflects the full downstream scale of the same underlying flaw. Affected users should treat their email address as potentially linked to their Twitter identity, stay alert to phishing attempts referencing their account, and consider whether their current username or profile information could expose them to unwanted contact.
About Twitter
Twitter was a global real-time social media and microblogging platform built around public posts, follower graphs, pseudonymous identity, direct messaging, and live discourse at scale. Before the later rebrand to X, Twitter’s core value came from making public conversation searchable, linkable, and easy to distribute across media, politics, business, and culture.
Why They Hold Your Data
Real-time social platforms collect user identity, contact details, posts, messages, social graphs, device data, and behavioral engagement signals across public and private communication workflows.
Recent Developments
Twitter no longer operates under that name and now exists as X following Elon Musk’s 2023 rebrand of the platform. Even so, the breach remains tied to the Twitter-era service, product design, and API decisions that governed how user identity data could be queried and linked at the time.
Data Points Exposed
Canonical Fields
email_address, full_name, social_media_profile, username
Dark Web Verification
- Dataset containing ~211.5M records identified in breach intelligence sources
- Data indexed and searchable across breach notification platforms
- Source: Twitter (200M) Data Breach;twitter.com-2016
Recommended Actions
⚠️ Do not assume this is low sensitivity.
Protect Yourself
Check If You’re Affected
Enter your email to check if your data appears in this breach.
Get Free Breach Alerts
Be the first to know when new breaches are disclosed.
High-Risk? Get an Exposure Audit
Full-spectrum exposure audits for executives and public figures.
ObscureIQ Advisory
We combine proprietary dark web access with commercial and restricted breach intelligence to verify exposure and assess real-world risk.
- A public-facing individual
- A high-profile executive
- A customer of Twitter
- Or concerned about credential reuse
Powered by the ObscureIQ Breach Intelligence Database
© 2026 ObscureIQ · All Rights Reserved · Data Licensing
Latest from ObscureIQ
What Is Credit Monitoring? And Do I Want It? (Answer: Not Really)
Lock Down Browsers. Wipe Employee Footprints. Win Breach Wars.
Sextortion Spam