Add two more to the pile of lawsuits accusing Twitter of wrongdoing.
The two suits accuse the embattled social media firm of playing fast and loose with its users’ personal data, after a scraping incident last year left millions of accounts exposed on a hacking forum.
Filed in San Francisco Superior Court on Jan. 17, a proposed class action lawsuit alleges that the company failed to protect names, phone numbers and email addresses of Twitter users, which were offered for sale on the dark web and later posted for free.
The allegation stems from a vulnerability in Twitter’s underlying software, called an application programming interface, that purportedly allowed cybercriminals to scrape user information last year. Twitter acknowledged the flaw in August 2022, writing in a blog post that it had “immediately investigated and fixed it.”
Media reports suggested that multiple hackers were able to scrape users’ personal data; on Jan. 4, one posted what they claimed to be 200,000 accounts on Breached, a hacking forum.
A separate class action complaint filed in federal court last week made similar claims against Twitter, with plaintiff Stephen Gerber claiming that he was one of the users whose information was exposed.
That complaint alleged that people who used Twitter under a pseudonym were especially at risk because the combined data troves could be used to reveal users’ real email addresses and phone numbers.
Twitter didn’t respond to a request for comment, but wrote in a blog post this week that “there is no evidence that the data being sold online was obtained by exploiting a vulnerability of Twitter systems.”
The company claimed that data troves purporting to include hundreds of thousands of account details were “likely” patched together from already available sources.
The federal lawsuit seeks $5 million in penalties, while the lawsuit filed in state court seeks unspecified damages and an injunction requiring Twitter to improve its security practices.
These two lawsuits are just the latest legal hurdles for the troubled company: Twitter is also facing a battery of employment lawsuits over CEO Elon Musk’s ham-fisted dismissal of thousands of employees last year.
Twitter is also being sued by a San Francisco landlord and at least one contractor who say that the company stopped paying its bills after Musk’s acquisition, which closed in October 2022.
Meanwhile, Twitter is offering furniture, appliances and other memorabilia from its San Francisco headquarters at auction this week.
Items offered at the auction include a La Marzocco Strada Espresso Machine, a Berkel 330M-STD Manual Fly Wheel Slicer (with stand) and a set of 18 Knoll Saarinen Executive Swivel chairs going for thousands of dollars apiece.