X (twitter) Largest Data Breach Ever? 2.8 Billion User Info Leaked

A information leak involving a whopping 2.87 cardinal Twitter (X) users has surfaced connected nan infamous Breach Forums. According to a station by a personification named ThinkingOne, nan leak is nan consequence of a disgruntled X worker who allegedly stole nan information during a play of monolithic layoffs successful January 2025. If true, this would beryllium nan largest societal media information breach successful history, but surprisingly, neither X nor nan broader nationalist appears to beryllium alert of it.

What We Know About nan Breach

The original station by ThinkingOne states that nan data, astir 400GB worth, was apt exfiltrated during messy layoffs astatine X successful early 2025. The poster claims that they tried contacting X done aggregate methods but received nary response.

Frustrated pinch nan deficiency of acknowledgment from X and nan wide public, they took matters into their ain hands and decided to merge nan recently leaked information pinch different infamous breach from January 2023.

The 2023 Breach Recap

To understand nan afloat scope of what was leaked, looking astatine nan 2023 X information breach that affected astir 209 cardinal users is important. That breach exposed:

• Email addresses

• Display names and usernames (handles)

• Followers count and relationship creation dates

At nan time, X downplayed nan leak, stating that it consisted of publically disposable data. Despite nan monolithic vulnerability of email addresses, they insisted that nary delicate aliases backstage accusation was involved. However, information experts warned that nan operation of emails and nationalist information could alteration phishing and personality theft connected a ample scale.

What’s Inside nan Alleged 2025 Breach?

The 2025 breach, however, is simply a wholly different beast. Unlike nan 2023 leak, it doesn’t incorporate email addresses, but it does clasp a goldmine of floor plan metadata, including:

• Account creation dates.

• User IDs and surface names.

• Profile descriptions and URLs.

• Location and clip area settings.

• Display names (current and from 2021).

• Followers count from some 2021 and 2025.

• Tweet count and timestamps of nan past tweet.

• Friends count, listed count, and favorites count.

• Source of nan past tweet (such arsenic TweetDeck aliases X Web App).
• Status settings (like whether nan floor plan is verified aliases protected).

The information gives a elaborate snapshot of users’ profiles and activity complete time, including bios, follower counts from different years, tweet history, and moreover nan app utilized for nan past tweet. But nan 1 point it doesn’t see is nan astir delicate bit: email addresses.

Data analyzed by nan Hackread.com investigation squad (Credit: Waqas/Hackread.com)

The Data Mashup

ThinkingOne, a well-known fig connected Breach Forums for their accomplishment successful analyzing information leaks, decided to harvester nan 2025 leak pinch nan 2023 one, producing a azygous 34GB CSV record (9GB compressed) containing 201 cardinal merged entries. To beryllium clear, nan merged information only includes users that appeared successful some breaches, creating a disorder of nationalist and semi-public data.

This messy operation led galore to judge that nan 2025 leak besides contained email addresses, but that’s not nan case. The emails shown successful nan merged record are from nan 2023 breach. The beingness of emails successful nan merged dataset has fixed nan incorrect belief that nan contents of nan 2025 leak besides see email addresses.

Who Is ThinkingOne, and How Did They Get nan Data?

One of nan biggest mysteries is really ThinkingOne managed to get nan 2025 breach information successful nan first place. Unlike emblematic hackers, they are not known for breaching systems themselves but are highly regarded for analyzing and interpreting leaked datasets. Whether they received nan information from different root aliases conducted immoderate blase information aggregation is still unclear.

Their mentation that a disgruntled worker leaked nan information during nan layoffs remains unconfirmed, and there’s nary actual grounds to support it; it is only a plausible presumption fixed nan timing and soul messiness astatine X.

Why nan Silence from X?

If nan claims are true, this is not conscionable a monolithic breach successful size but besides a rustle to personification privateness and firm information practices. Yet, X remains silent, and nan wide nationalist remains mostly unaware.

Whether it’s owed to a deficiency of consciousness connected their portion aliases an intentional effort to downplay nan incident, nan absence of immoderate charismatic consequence raises superior questions astir firm transparency and accountability.

Despite nan ample standard of nan alleged breach, nan deficiency of nationalist acknowledgment from X is worrisome. Whether this was an inside job aliases not, users are near pinch much questions than answers: How overmuch of their information has been compromised? Who was down nan leak? And why hasn’t X issued immoderate statements astir it?