The private user data for over five million users was stolen, but the company said it had no evidence that it was used. According to BleepingComputer, all of those accounts have been exposed. An even larger data dump with the data of millions of other users may have come from the same vulnerability. BleepingComputer was told by the owner of the hacking forum that it was responsible for exploiting the weakness and dumping the user records. It said that it obtained more than one million accounts for suspension, but only shared them with a few people. A security expert has said that tens of millions more records may have been collected. Private phone numbers may be included in data collected. A redacted sample was posted on Mastodon, as he was banned from the social networking site. BleepingComputer was told it could hold 17 million records. Users' phone numbers and email addresses were leaked, which could be used for swindling. It could be used to uncover identities from private accounts on the social networking site. If you're considering using two-factor authentication, now would be a good time to be cautious.