Data purported to contain the email addresses of more than 200 million Twitter users has been given away for free on a hacking forum, reports say.
The stolen information includes the email addresses used to create accounts, which will trouble anonymous users who signed up with a fake address.
Reuters has not verified the data, and breaches often turn out to contain duplicate, outdated or false information.
Twitter did not respond to requests for comment about the breach.
Alon Gal of cybercrime intelligence firm Hudson Rock, which discovered the leak, said it contained more than 200 million email addresses and was "significant".
Mr Gal told the BBC it would "unfortunately lead to many accounts being hacked, targeted phishing and doxxed".
Doxxing is the act of publishing personal information about someone that could lead to their identification.
Reuters has not downloaded the material, which must be unlocked using 20p worth of forum credits.
Tech news site Bleeping Computer downloaded the data and confirmed that the email addresses were correct for many of the profiles listed on Twitter. He also found that the data contained duplicates.
He reported: “The full data has definitely not been confirmed. The data is incomplete, as there were many users who were not found in the leak.”
Another researcher suggested that many Twitter accounts appear multiple times, but the number of unique email addresses involved is still more than 100 million.
The news follows a warning from Hudson Rock last week about unverified claims by a hacker to have email and phone numbers associated with 400 million Twitter accounts.
The hacker, Ryushi, demanded $200,000 (£168,000) from Twitter to hand over the data and delete it.
However, the data currently offered online for free was posted by another individual, is smaller in size, and Mr. Gal said they didn't include phone numbers.
