More than 10 percent of Twitter's total monthly active users may have compromised accounts, following similar data breaches on LinkedIn and Myspace in May. A Russian hacker who goes by the name Tessa88 is reportedly selling a database of Twitter users' email addresses and passwords for 10 bitcoins (just over $5,800), according to a report from ZDNet. The total number of potentially compromised accounts? Nearly 33 million.
Though the seller initially claimed to have data on 379 million Twitter accounts, a breakdown of the breach from LeakedSource says the actual number is closer to 33 million when accounting for duplicates:
This data set contains 32,888,300 records. Each record may contain an email address, a username, sometimes a second email and a visible password. We have very strong evidence that Twitter was not hacked, rather the consumer was. These credentials however are real and valid. Out of 15 users we asked, all 15 verified their passwords.
LeakedSource theorizes that a breach of Twitter itself is unlikely, meaning the private information was likely obtained by malware that sent every saved username and password from users' preferred browser back to the hackers. These hackers, according to CNET, are the same people responsible for the aforementioned LinkedIn and Myspace hacks.
"We are confident that these usernames and credentials were not obtained by a Twitter data breach—our systems have not been breached," a Twitter spokesperson told Complex Thursday. "In fact, we've been working to help keep accounts protected by checking our data against what’s been shared from recent other password leaks."
An alarming number of high-profile Twitter accounts have suffered hacks over the past few weeks, including accounts owned by Kylie Jenner, Drake, Katy Perry, Jack Black, and Mark Zuckerberg. Those celebrity hacks, however, have not been linked to this latest data breach.