Toolio | X.com tool directory
Best X's Tools Directory for Growing Your Brand and Business.
Explore

200 Million X Accounts Leaked in Massive Data Breach — 2.8 Billion Twitter IDs Exposed


April 05, 2025

200M X Accounts Leaked in Major Data Breach
Elon Musk’s X, formerly known as Twitter, is facing one of its most alarming cybersecurity crises yet. A self-proclaimed data enthusiast has released what is believed to be a collection of over 200 million user records, tied to 2.8 billion unique Twitter user IDs, in what may be the largest leak of its kind in social media history.



A New Leak Built on an Old Exploit


The incident traces back to a vulnerability first reported in early 2022 through Twitter’s bug bounty program. This flaw allowed bad actors to retrieve private user data—including email addresses and phone numbers—simply by entering them into the system. Before the issue could be patched, attackers had already begun collecting and selling this data online.


Twitter acknowledged the breach in July 2022, stating:


ā€œAfter reviewing a sample of the available data for sale, we confirmed that a bad actor had taken advantage of the issue before it was addressed.ā€


Now, in 2025, that same dataset has reportedly resurfaced—enhanced and expanded with newer information—and released in full by a user who goes by the handle ThinkingOne.



200 Million Users, 34GB of Data — Given Away for Free


According to a post on a prominent breach forum, ThinkingOne released a 34 GB CSV file containing 201,186,753 records, each with a combination of public and private data. This includes: X screen names and user IDs, Full names and profile details, Locations, Email addresses, Follower counts and more




Cybersecurity group Safety Detectives confirmed that much of the data appears to be genuine. Their analysis found consistent formatting and matching records when compared with known user information.



ThinkingOne Speaks Out


In an email exchange with Forbes cybersecurity contributor Davey Winder, the leaker clarified that they don’t identify as a hacker, but rather a ā€œdata enthusiastā€ who operates within legal bounds.


ā€œI don’t consider myself a hacker,ā€ ThinkingOne said. ā€œI’m simply sharing what was already out there—compiled and cleaned. My goal isn’t harm. It’s awareness.ā€


They also dropped a bombshell:


ā€œThe real story here is that 2.8 billion Twitter IDs were exfiltrated. That’s far beyond the number of active users. How did someone enumerate every Twitter ID unless they had internal access?ā€


This raises serious questions about whether the original breach was larger than initially reported—or if multiple data leaks were combined.



X Yet to Respond


According to ThinkingOne, several attempts were made to alert X before releasing the dataset, but they claim to have received no response. As of this writing, X has not issued an official statement on the leak or its implications for affected users.


In previous security incidents, Musk’s leadership has typically leaned into damage control through X posts or brief press comments. However, no such statements have been made publicly in this case.



Not X’s First Cybersecurity Crisis


This data breach follows a string of security-related troubles for the platform:

  • In March 2024, the platform crashed during Ron DeSantis’ presidential campaign launch on Twitter Spaces.


  • In August 2024, X suffered a major outage that affected over 60% of users.


  • Just weeks ago in March 2025, Musk claimed a "massive cyberattack" was responsible for a temporary outage.


  • Reports of X password-stealing phishing campaigns have also circulated throughout 2024 and 2025.




These incidents have raised concerns about whether the platform’s technical team is adequately resourced and structured to handle large-scale threats.



What Should X Users Do Now?


Though X has not confirmed the leak, users are advised to take precautions immediately, including:

  • Changing their X account passwords


  • Activating two-factor authentication (2FA)


  • Monitoring email accounts associated with X for unusual activity


  • Being cautious of phishing attempts referencing X usernames or follower counts




Given the nature of the breach, affected users may be at risk of spam, impersonation, or more serious identity-based attacks.


This may be one of the most significant social media data leaks ever recorded, both in scale and implication. With over 200 million users compromised and 2.8 billion IDs exposed, the breach reflects long-term vulnerabilities that may not have been fully resolved even years after the initial exploit was discovered.


For now, the ball is in X’s court to respond—and reassure a very nervous user base.


This is a developing story and will be updated as more information becomes available.

Related posts

X Down: Major Outage Hits Twitter App & Website

Twitter Down: Elon Musk’s X Faces Major Outage, App and Web Hit

May 23, 2025

Elon Musk’s X suffers a massive outage affecting app and site users across India. No official statement released yet as users report widespread issues.
Read more →
Kangana Ranaut Deletes Trump Tweet After BJP Pushback

Kangana Ranaut Deletes Trump Tweet After BJP Pushback

May 22, 2025

Kangana Ranaut deleted a controversial Trump tweet after BJP president JP Nadda intervened. She called it a personal opinion and expressed regret.
Read more →
Salman Khan Deletes Ceasefire Tweet Amid Backlash

Salman Khan Deletes Ceasefire Tweet Amid Backlash

May 21, 2025

Salman Khan deleted his ceasefire tweet after criticism for staying silent on India’s Operation Sindoor following the Pahalgam terrorist attack.
Read more →

Save yourself the hassle.

Get started for free.