According to a report from LeakedSource.com :
Twitter credentials are being traded in the tens of millions on the dark web. LeakedSource has obtained and added a copy of this data to its ever-growing searchable repository of leaked data. This data set was provided to us by a user who goes by the alias “[email protected]”, and has given us permission to name them in this blog.
The alias is the same claiming responsibility for recent MySpace and LinkdIn hacks. LeakedSource is a search-engine capable of searching over 1.8 billion leaked records — an aggregation of data from hundreds of disparate sources. They have been able to accumulate this data over a relatively short period of time through a combination of deep-web scavenging and rumor-chasing.
According to LeakedSource.com:
This data set contains 32,888,300 records. Each record may contain an email address, a username, sometimes a second email and a visible password. We have very strong evidence that Twitter was not hacked, rather the consumer was. These credentials however are real and valid. Out of 15 users we asked, all 15 verified their passwords.
The explanation for this is that tens of millions of people have become infected by malware, and the malware sent every saved username and password from browsers like Chrome and Firefox back to the hackers from all websites including Twitter.
Twitter Disagrees But Cooperates
We have investigated reports of Twitter usernames/passwords on the dark web, and we’re confident that our systems have not been breached.
— Michael Coates ஃ (@_mwc) June 9, 2016
Coates is the Trust & Info Security Officer for Twitter. In another Tweet, Coates says they are working with Leaked Source to investigate the claims. As of the first quarter of 2016, the microblogging service averaged at 310 million monthly active users.
If you think you have been hacked contact Twitter .