A colossal 400GB trove containing data from 2.873 billion X (formerly Twitter) users has surfaced on hacker forums.
The breach, allegedly dated January 2025, is now being deemed one of the largest data leaks in social media history.
Breach Origin and Allegations
The leak first came to light on March 28, 2025, when a data leak forum user, “ThinkingOne,” published detailed information about the breach.
.png
)
According to their claims, the breach occurred during a turbulent period of layoffs at X, allegedly perpetrated by a disgruntled employee.
ThinkingOne disclosed that its attempts to notify X and its user base were largely ignored, prompting them to divulge information online.
The hacker merged the leaked data with records from a prior 2023 Twitter breach involving 200 million users, which X had dismissed at the time as “publicly available information.”
ThinkingOne stated, “Only records with screen names present in both datasets are included, forming a total of 201,186,753 entries.”
The Dataset: From Basic to Detailed User Information
The dataset from the 2023 breach contained basic user data, including names, screen names, and follower metrics.
However, the 2025 dataset adds a much deeper layer of detail. New fields include user IDs, location, time zone, language preferences, friend and follower counts, statuses, and detailed metrics on user activity.
For instance, the account “TrumpOnline,” which was part of the 2023 leak, now includes expanded metadata such as:
- ID: 41610628
- Time Zone: -18000
- Language: en
- Follower Count: 1,002
- Last Status Created At: 2011-09-06
This increased granularity raises significant concerns for privacy and security, as such data can be exploited for profiling, phishing, and targeted cyberattacks.
Evidence of Breach
Cyber Press, a cybersecurity investigative team, uncovered accompanying files linked to the breach.
Their analysis revealed 165 separate files, including CSV datasets dated January 24, 2025, containing hundreds of megabytes of structured data.
Examples include:
- twitter_users_003.csv.xz: 372.6 MB
- twitter_users_010.csv.xz: 376.0 MB
- twitter_users_014.csv.xz: 361.2 MB
ThinkingOne stands by the authenticity of the leaked data and claims to have thoroughly analyzed it, though the exact method of extraction remains unclear.
If verified, this breach would overshadow most previous social media incidents, potentially ranking as the second-largest data breach ever, trailing only the 2021 National Public Data breach of 3.1 billion records.
While X boasts 600 million Monthly Active Users (MAUs), ThinkingOne asserts the platform’s total registered accounts far exceed this figure, making the 2.8 billion record count plausible.
The online reaction has been swift and concerned, with users debating the severity of the incident and its implications. One individual remarked, “History has been made if this is real.”
X has yet to issue an official statement regarding the breach, leaving millions of users in uncertain.
This alarming incident highlights critical vulnerabilities in social media platforms, underscoring the urgent need for enhanced security measures and transparency.
As investigations unfold, the breach may serve as a sobering reminder of the importance of safeguarding user data in an increasingly interconnected digital world.
Find this News Interesting! Follow us on Google News, LinkedIn, & X to Get Instant Updates!
 users has surfaced on hacker forums.){kind=link}