Among shocking internal revelations about its content moderation practices and massive data breaches, it's pretty hard for Twitter to stay out of the public eye.
The culprit, this time, is last week's cyberattack which saw over 200 million of Twitter users' logins being compromised. Specifically, email addresses used to set up accounts were stolen and given away for free on a hacker forum.
That's especially concerning for those sensitive users who might regularly use security tools like the best VPN services and think they have their online anonymity effectively protected.
The latest events certainly aren't the first – nor the worst – instance of the bird icon getting caught up in such a worrying data breach. Twitter's security flaws have indeed long predated Elon Musk's takeover.
However, similar incidents could arguably increase in the near future, seeing the dramatic wave of layoffs that has followed the new management.
That's why some privacy experts have shared with TechRadar some useful tips to help you better protect your Twitter profile. Here's what they say.
Twitter database leaks for free with 235,000,000 records.The database contains 235,000,000 unique records of Twitter users and their email addresses and will unfortunately lead to a lot of hacking, targeted phishing, and doxxing.This is one of the most significant leaks ever. pic.twitter.com/kxRY605qMZJanuary 4, 2023
Twitter leaks - what's at stake for users?
"The leaking of more than 200 million Twitter users’ email addresses is a serious and dangerous cybersecurity breach, which could potentially lead to further sensitive information being accessed by the perpetrators," said Ceri Shaw, Chief Delivery Officer at Scotland's digital skills academy CodeClan.
These stolen email addresses might be used to target victims in larger phishing campaigns, for example. Phishing attacks have indeed been on the rise over the last few years.
Doxxing, the act of publishing private and identifying information about a specific individual online, is another huge risk of such a significant leak - according to cyber-crime information company Hudson Rock.
Legal Director of UK data breach solicitors firm Hayes Connor also believes that the hacked accounts might be more likely to suffer identity theft, credit scams as well as bank or financial fraud.
Money, privacy and reputation aren't the only things at stake for users, though.
Having such personal data publicly exposed might also lead to higher emotional distress and anxiety. All this could then provoke a longer lasting impact on overall victims' mental health.
"The news about one of the largest data leaks of all time is extremely alarming, especially one of this scale," explained Forrest.
"The public puts a lot of trust in social media platforms such as Twitter, with the expectation that their data is going to be handled securely. It is concerning that Twitter are yet to comment considering how many people may be affected."
How to protect your Twitter account
Whether you're worried that your personal information has been leaked, or securing your Twitter profile for future data breaches is what you're after, there are some actions that you should take right now to secure your most sensitive data.
Firstly, you should find out if your data has been compromised via sites like haveibeenpwned.com.
Hayes Connor's lawyers advise victims to be aware of fraudulent emails, texts and calls as these are likely to be phishing scams. They also recommend not giving away any personal data nor clicking on links.
You should also consider contacting your bank to check for any suspicious activities. Likewise, experts recommend initiating a fraud alert with your credit company.
Shaw from CodeClan also said to lookout for any suspicious activities like password reset emails, unusual pop-ups on their device and targeted phishing emails. If that's the case, you really should go over your security settings and update your passwords with combinations difficult to guess as soon as possible.
"Passwords should use a combination of special characters, letters and numbers and should have no relevance to any of your personal information," explained Shaw, advising to get one of the best password manager tools to help you create and manage more secure login details over time.
"Looking ahead, Twitter needs to thoroughly investigate how this was allowed to happen and implement measures to ensure the impact of any possible future cybersecurity breaches is minimized."
