Massive data breach exposes over 200 million X users' email addresses on hacker forum
A major data breach has reportedly impacted X, exposing the information of over 200 million users. Cybersecurity group SafetyDetectives found the leak on BreachForums, a well-known hacker forum, where a user named ThinkingOne shared a 34 GB .CSV file. This file contains over 201 million entries of X user data, including email addresses, account creation dates, display names, and tweet counts.
SafetyDetectives verified a sample of the leaked data, confirming that the email addresses correspond to existing X accounts. The origin of the breach remains unknown, but ThinkingOne suggests it results from a 2023 breach affecting up to 2.8 billion X accounts (likely including bots and inactive accounts), potentially making it the largest social media data breach ever.
Although the leak doesn't include passwords or phone numbers, the exposed email addresses and metadata increase the risk of targeted attacks. The metadata includes past display names, tweet counts, and location data. ThinkingOne cross-referenced the 2025 leak with data from the 2023 breach to create a dataset of 201 million active users with previously compromised email addresses, enabling highly targeted scams, phishing campaigns, or impersonation attacks using real emails and detailed behavioral metadata. Attempts to contact X have reportedly gone unanswered.
- Social Network
- Freemium • Proprietary
Related news
External links
- Over 200 Million Records Allegedly Belonging to X Leaked OnlineSafetyDetectives
- Twitter (X) Hit by 2.8 Billion Profile Data Leak in Alleged Insider JobHackread
- Has Elon Musk's X Been Hit By Massive Data Breach? What We KnowNewsweek
- Alleged monumental X data leak contained mostly public dataSC Media
- Massive breach of Elon Musk's X allegedly leaks over 200 million users' email addressesMashable
Comments
I hope all those political propaganda bot accounts are ok
I hope this includes something juicy from all the politicians.
Twitter (X), like any real tech company services should focus on user data security, this shit cannot keep happening!!
Let me guess: the leak point is Grok, which is trained on xwitter users and their activity. 🕵️♂️ But anyway, who cares about the lab monkeys if his stuttering excellency Dork Maga's stocks are crashing down, and he just wasted 20mil on an election and lost it??? That's where the real tragedy lies, so do think twice before whining about your personal details getting leaked!
I'll bet that during the next days, Mr Efficiency will pour a torrent of lawsuits to any websites reporting this leak. Because he didn't spent $44B to allow anyone to talk about how he was at dismantling every bit of security at Twitter. Nor that he wants anyone to talk about his great work at dismantling the whole US security to try to save some less than a percent of GOP. But hey, Free Speech is so 2024.