An information leak involving a whopping 2.87 billion Twitter (X) customers has surfaced on the notorious Breach Boards. In response to a submit by a consumer named ThinkingOne, the leak is the results of a disgruntled X worker who allegedly stole the info throughout a interval of mass layoffs. If true, this is able to be the most important social media knowledge breach in historical past, however surprisingly, neither X nor the broader public seems to pay attention to it.
What We Know In regards to the Breach
The unique submit by ThinkingOne states that the info, round 400GB value, was doubtless exfiltrated throughout messy layoffs at X. The poster claims that they tried contacting X by way of a number of strategies however acquired no response.
Pissed off with the shortage of acknowledgment from X and most of the people, they took issues into their very own palms and determined to merge the newly leaked knowledge with one other notorious breach from January 2023.
The 2023 Breach Recap
To know the complete scope of what was leaked, trying on the 2023 X knowledge breach that affected round 209 million customers is essential. That breach uncovered:
- Show names and usernames (handles)
- Followers rely and account creation dates
On the time, X downplayed the leak, stating that it consisted of publicly accessible knowledge. Regardless of the huge publicity of e-mail addresses, they insisted that no delicate or personal info was concerned. Nonetheless, safety specialists warned that the mix of emails and public knowledge may allow phishing and identification theft on a big scale.
What’s Contained in the Alleged 2025 Breach?
The 2025 breach, nevertheless, is a very totally different beast. In contrast to the 2023 leak, it doesn’t include e-mail addresses, but it surely does maintain a goldmine of profile metadata, together with:
- Consumer IDs and display names.
- Profile descriptions and URLs.
- Location and time zone settings.
- Show names (present and from 2021).
- Followers rely from each 2021 and 2025.
- Tweet rely and timestamps of the final tweet.
- Associates rely, listed rely, and favorites rely.
- Supply of the final tweet (comparable to TweetDeck or X Internet App).
- Standing settings (like whether or not the profile is verified or protected).
The info provides an in depth snapshot of customers’ profiles and exercise over time, together with bios, follower counts from totally different years, tweet historical past, and even the app used for the final tweet. However the one factor it doesn’t embody is essentially the most delicate bit: e-mail addresses.
The Information Mashup
ThinkingOne, a widely known determine on Breach Boards for his or her talent in analyzing knowledge leaks, determined to mix the 2025 leak with the 2023 one, producing a single 34GB CSV file (9GB compressed) containing 201 million merged entries. To be clear, the merged knowledge solely consists of customers that appeared in each breaches, making a confusion of public and semi-public knowledge.
This messy mixture led many to imagine that the 2025 leak additionally contained e-mail addresses, however that’s not the case. The emails proven within the merged file are from the 2023 breach. The presence of emails within the merged dataset has given the improper impression that the contents of the 2025 leak additionally embody e-mail addresses.
Who Is ThinkingOne, and How Did They Get the Information?
One of many greatest mysteries is how ThinkingOne managed to acquire the 2025 breach knowledge within the first place. In contrast to typical hackers, they don’t seem to be identified for breaching methods themselves however are extremely regarded for analyzing and decoding leaked datasets. Whether or not they acquired the info from one other supply or carried out some subtle knowledge aggregation continues to be unclear.
Their idea {that a} disgruntled worker leaked the info throughout the layoffs stays unconfirmed, and there’s no concrete proof to help it; it’s only a believable speculation given the timing and inner mess at X.
Why the Silence from X?
If the claims are true, this isn’t only a large breach in dimension but additionally a blow to consumer privateness and company safety practices. But, X stays silent, and most of the people stays largely unaware.
Whether or not it’s as a consequence of a ignorance on their half or an intentional try and downplay the incident, the absence of any official response raises severe questions on company transparency and accountability.
Regardless of the massive scale of the alleged breach, the shortage of public acknowledgment from X is worrisome. Whether or not this was an inside job or not, customers are left with extra questions than solutions: How a lot of their knowledge has been compromised? Who was behind the leak? And why hasn’t X issued any statements about it?
