PANews reported on January 12 that Twitter's privacy center released an update yesterday on "the incident of Twitter user data being sold online", saying that Twitter has conducted a thorough investigation into the recent media reports of Twitter user data being sold online, and there is no evidence that the recently sold data was obtained by exploiting Twitter's system loopholes. These data may be collected public data, which comes from different information sources.

The announcement stated that in August 2022, Twitter informed users that it had learned of a vulnerability through the "Bug Bounty Program" in January 2022. The vulnerability leaked Twitter user accounts and the user's email address and mobile phone number were stolen. The vulnerability has now been fixed. However, Twitter confirmed that bad actors had exploited the vulnerability before the problem was resolved, and promptly notified the affected users and relevant departments.

Earlier on January 5, a security company said that the data of more than 200 million Twitter accounts had been posted on a hacker forum and could be downloaded for free. This was the same as the data leak that affected more than 400 million accounts reported in December 2022, which was caused by deleting duplicates.