News

X Faces Massive 2.8B User Data Leak: Insider Job?

6155
02
Apr

A staggering 2.8 billion Twitter (X) user profiles are reportedly compromised in a massive data leak, igniting concerns of an inside job. The breach, highlighted on Breach Forums, points to a disgruntled X employee allegedly pilfering the data amidst company layoffs. If confirmed, this would eclipse all previous social media data breaches in scale.

Unpacking the Alleged X Data Breach

User “ThinkingOne” on Breach Forums claims the leaked data, approximately 400GB, was exfiltrated during X’s restructuring phase. Attempts to alert X about the breach were allegedly ignored, prompting the user to merge the data with information from a 2023 breach.

The 2023 X Data Breach: A Quick Look Back

The earlier 2023 breach impacted roughly 209 million users, exposing:

  • Email addresses
  • Display names and usernames (handles)
  • Follower counts and account creation dates

X downplayed the 2023 leak, categorizing the exposed data as publicly available. However, security experts cautioned about the potential for phishing attacks and identity theft due to the exposed email addresses.

The Alleged 2025 Leak: What’s New?

The purported 2025 leak differs significantly. While it omits email addresses, it unveils a wealth of profile metadata, including:

  • Account creation dates
  • User IDs and screen names
  • Profile descriptions and URLs
  • Location and time zone settings
  • Display names (current and from 2021)
  • Follower counts from both 2021 and 2025
  • Tweet count and timestamps of the last tweet
  • Friends count, listed count, and favorites count
  • Source of the last tweet (e.g., TweetDeck, X Web App)
  • Status settings (verified or protected)

This leak paints a detailed picture of user profiles and activity, capturing bios, follower growth, tweet history, and even the apps used for tweeting. The absence of email addresses, however, is a key distinction.

The Data Mashup Explained

ThinkingOne combined the 2025 leak with the 2023 data, creating a 34GB CSV file (9GB compressed) containing 201 million merged entries. This merged dataset only includes users present in both breaches, potentially causing confusion, as the email addresses originate from the 2023 incident.

Why 2.8 Billion Users Seems Unrealistic

With X reporting around 335.7 million users as of January 2025, the 2.8 billion figure raises questions. Potential explanations include:

  • Aggregated or historical data, including bot accounts and deleted profiles.
  • Non-user entities like API accounts and organization profiles.
  • Data scraped from multiple public sources, including archived leaks.

ThinkingOne: Analyst or Hacker?

The source of the 2025 data remains a mystery. ThinkingOne is known for analyzing data leaks, not for hacking. The theory of a disgruntled employee remains unconfirmed but plausible.

X’s Silence: A Cause for Concern?

The potential leak raises serious privacy questions. If the claims are substantiated, users deserve answers regarding the extent of the breach, the responsible parties, and why X has remained silent despite attempts to contact them.

Author: Waqas

Published: March 29, 2025

Tags: Breach Forums, Cybersecurity, data breach, Elon Musk, LEAKS, Privacy, Social Media, twitter, X

Ngoc Vy

Ngoc Vy is a tech journalist specializing in artificial intelligence, emerging technologies, and their societal impact. She combines technical rigor with on-the-ground coverage of Vietnam’s startup ecosystem, from AI ethics debates to gov-tech adoption. Ngoc Vy is also passionate about bridging the gender gap in STEM journalism.

Content

Content