KUALA LUMPUR (Nov 29): More than 5.4 million Twitter user records containing non-public information stolen using an API vulnerability fixed in January have been shared for free on a hacker forum.

According to DataBreaches, a site that reports data breach incidents worldwide, another massive, potentially more significant, data dump of millions of Twitter records has also been disclosed by a security researcher, demonstrating how widely abused this bug was by threat actors.

The site said on Sunday (Nov 27) that the data consists of scraped public information as well as private phone numbers and email addresses that are not meant to be public.