Summary box
- Incident date
- 01 Jul 2022
- Reported date
- 01 Aug 2022
- Sources verified
- 2
Back to breach centre
Twitter/X breach guide
Twitter/X data breach: what happened and what to do next
You do not need drama. You need signal. Here is the fast reality: what was reported, what may be exposed, and the practical moves worth doing right now.
Status: Confirmed
Last updated: 22 May 2026
Company
Twitter/X
Status
Confirmed
Data potentially exposed
Emails, Phone numbers, User IDs, Profile handles
Affected scope
Millions of user records were reported as linked through a vulnerability and sold online.
1. What happened?
A vulnerability was abused to map contact information to user identifiers, later circulating in criminal forums.
- Attackers exploited an API weakness to correlate contact details with accounts.
- Mapped datasets were republished and resold online.
- The exposure increased targeted doxxing and phishing risk for high-visibility accounts.
2. Who may be affected?
- Users with phone or email discoverability settings.
- Public-facing creators, founders, and journalists.
- Users relying on single-factor login habits.
3. What should users do now?
- Review privacy and discoverability settings immediately.
- Enable MFA and prefer app-based authenticators.
- Rotate passwords reused across social and email accounts.
- Treat urgent security DMs and links as suspicious until verified.
4. How exposure can spread beyond one incident
Mapped contact-to-account data can fuel harassment, account takeovers, and spear phishing.
5. How Hushfolk helps
Hushfolk helps identify where exposed vectors might link into broader breach or broker ecosystems.
Terms in this article
New to security jargon? These quick definitions keep the page readable.
Need the full list? Open the security glossary.