A knowledge leak involving a whopping 2.87 billion Twitter (X) customers has surfaced on the notorious Breach Boards. In response to a submit by a person named ThinkingOne, the leak is the results of a disgruntled X worker who allegedly stole the information throughout a interval of mass layoffs. If true, this could be the biggest social media knowledge breach in historical past, however surprisingly, neither X nor the broader public seems to concentrate on it.
What We Know Concerning the Breach
The unique submit by ThinkingOne states that the information, round 400GB price, was possible exfiltrated throughout messy layoffs at X. The poster claims that they tried contacting X by a number of strategies however obtained no response.
Pissed off with the shortage of acknowledgment from X and most people, they took issues into their very own arms and determined to merge the newly leaked knowledge with one other notorious breach from January 2023.
The 2023 Breach Recap
To know the complete scope of what was leaked, trying on the 2023 X knowledge breach that affected round 209 million customers is vital. That breach uncovered:
- Show names and usernames (handles)
- Followers rely and account creation dates
On the time, X downplayed the leak, stating that it consisted of publicly obtainable knowledge. Regardless of the large publicity of e-mail addresses, they insisted that no delicate or personal info was concerned. Nevertheless, safety specialists warned that the mix of emails and public knowledge may allow phishing and id theft on a big scale.
What’s Contained in the Alleged 2025 Breach?
The 2025 breach, nevertheless, is a very totally different beast. In contrast to the 2023 leak, it doesn’t comprise e-mail addresses, nevertheless it does maintain a goldmine of profile metadata, together with:
- Consumer IDs and display names.
- Profile descriptions and URLs.
- Location and time zone settings.
- Show names (present and from 2021).
- Followers rely from each 2021 and 2025.
- Tweet rely and timestamps of the final tweet.
- Associates rely, listed rely, and favorites rely.
- Supply of the final tweet (comparable to TweetDeck or X Internet App).
- Standing settings (like whether or not the profile is verified or protected).
The information provides an in depth snapshot of customers’ profiles and exercise over time, together with bios, follower counts from totally different years, tweet historical past, and even the app used for the final tweet. However the one factor it doesn’t embody is essentially the most delicate bit: e-mail addresses.
The Knowledge Mashup
ThinkingOne, a well known determine on Breach Boards for his or her talent in analyzing knowledge leaks, determined to mix the 2025 leak with the 2023 one, producing a single 34GB CSV file (9GB compressed) containing 201 million merged entries. To be clear, the merged knowledge solely contains customers that appeared in each breaches, making a confusion of public and semi-public knowledge.
This messy mixture led many to consider that the 2025 leak additionally contained e-mail addresses, however that’s not the case. The emails proven within the merged file are from the 2023 breach. The presence of emails within the merged dataset has given the flawed impression that the contents of the 2025 leak additionally embody e-mail addresses.
Who Is ThinkingOne, and How Did They Get the Knowledge?
One of many largest mysteries is how ThinkingOne managed to acquire the 2025 breach knowledge within the first place. In contrast to typical hackers, they aren’t recognized for breaching programs themselves however are extremely regarded for analyzing and decoding leaked datasets. Whether or not they obtained the information from one other supply or performed some refined knowledge aggregation remains to be unclear.
Their idea {that a} disgruntled worker leaked the information through the layoffs stays unconfirmed, and there’s no concrete proof to help it; it’s only a believable speculation given the timing and inner mess at X.
Why the Silence from X?
If the claims are true, this isn’t only a large breach in dimension but additionally a blow to person privateness and company safety practices. But, X stays silent, and most people stays largely unaware.
Whether or not it’s on account of a lack of expertise on their half or an intentional try and downplay the incident, the absence of any official response raises critical questions on company transparency and accountability.
Regardless of the massive scale of the alleged breach, the shortage of public acknowledgment from X is worrisome. Whether or not this was an inside job or not, customers are left with extra questions than solutions: How a lot of their knowledge has been compromised? Who was behind the leak? And why hasn’t X issued any statements about it?
