According to estimates, data purportedly containing the email addresses of more than 200 million Twitter users is being distributed for free on a hacker site.
Email addresses used to create accounts are among the stolen data, which will scare anonymous individuals who used a private address to register.
The BBC has not validated the material, and data breaches frequently turn out to be duplicate, outdated, or fabricated data.
Requests for comments about the incident have received no response from Twitter.
The breach was discovered by Alon Gal of the cybercrime information company Hudson Rock, who called it “major” and stated it contained more than 200 million email addresses.
It would “sadly result in a lot of accounts getting hacked, targeted with phishing, and doxxed,” Mr. Gal told the BBC.
Doxxing is the act of disclosing details about someone that can be used to identify them.
The content, which must be unlocked by spending 20p in forum credits, has not been downloaded by the BBC.
A form user who indicated interest in the information wrote: “Thanks for your service; cannot wait for the pandemonium.”
Website with tech news The email addresses for several of the listed Twitter identities were accurate, according to data that Bleeping Computer obtained. It also discovered that the data included duplicates.
It stated: “Obviously, the entire dataset has not been verified. Since many people were not included in the breach, the dataset is far from full.”
Even though many Twitter accounts are mentioned again, more than 100 million unique email addresses are still included, according to another researcher.
