Lawrence Abrams reports:
Over 5.4 million Twitter user records containing non-public information stolen using an API vulnerability fixed in January have been shared for free on a hacker forum.
Another massive, potentially more significant, data dump of millions of Twitter records has also been disclosed by a security researcher, demonstrating how widely abused this bug was by threat actors.
The data consists of scraped public information as well as private phone numbers and email addresses that are not meant to be public.
Read more at BleepingComputer.