Huge Twitter (X) profile knowledge leak exposes particulars of two.8 billion customers; alleged insider leak surfaces with no official response from the corporate.
An information leak involving a whopping 2.87 billion Twitter (X) customers has surfaced on the notorious Breach Boards. In accordance with a publish by a person named ThinkingOne, the leak is the results of a disgruntled X worker who allegedly stole the information throughout a interval of mass layoffs. If true, this is able to be the most important social media knowledge leak in historical past, however surprisingly, neither X nor the broader public seems to pay attention to it.
What We Know Concerning the Leak
The unique publish by ThinkingOne states that the information, round 400GB price, was possible exfiltrated throughout messy layoffs at X. The poster claims that they tried contacting X by way of a number of strategies however acquired no response.
Annoyed with the shortage of acknowledgment from X and most people, they took issues into their very own arms and determined to merge the newly leaked knowledge with one other notorious breach from January 2023.
The 2023 Breach Recap
To know the total scope of what was leaked, wanting on the 2023 X knowledge breach that affected round 209 million customers is necessary. That breach uncovered:
- Show names and usernames (handles)
- Followers rely and account creation dates
On the time, X downplayed the leak, stating that it consisted of publicly obtainable knowledge. Regardless of the large publicity of e mail addresses, they insisted that no delicate or non-public info was concerned. Nevertheless, safety specialists warned that the mix of emails and public knowledge might allow phishing and identification theft on a big scale.
What’s Contained in the Alleged 2025 Leak?
The 2025 leak, nevertheless, is a very totally different beast. Not like the 2023 leak, it doesn’t include e mail addresses, nevertheless it does maintain a goldmine of profile metadata, together with:
- Person IDs and display screen names.
- Profile descriptions and URLs.
- Location and time zone settings.
- Show names (present and from 2021).
- Followers rely from each 2021 and 2025.
- Tweet rely and timestamps of the final tweet.
- Associates rely, listed rely, and favorites rely.
- Supply of the final tweet (akin to TweetDeck or X Net App).
- Standing settings (like whether or not the profile is verified or protected).
The info provides an in depth snapshot of customers’ profiles and exercise over time, together with bios, follower counts from totally different years, tweet historical past, and even the app used for the final tweet. However the one factor it doesn’t embody is probably the most delicate bit: e mail addresses.
The Knowledge Mashup
ThinkingOne, a well known determine on Breach Boards for his or her ability in analyzing knowledge leaks, determined to mix the 2025 leak with the 2023 one, producing a single 34GB CSV file (9GB compressed) containing 201 million merged entries. To be clear, the merged knowledge solely consists of customers that appeared in each incidents, making a confusion of public and semi-public knowledge.
This messy mixture led many to imagine that the 2025 leak additionally contained e mail addresses, however that’s not the case. The emails proven within the merged file are from the 2023 breach. The presence of emails within the merged dataset has given the improper impression that the contents of the 2025 leak additionally embody e mail addresses.
Why 2.8 Billion Doesn’t Add Up
As of Jan 2025, X (previously Twitter) had round 335.7 million customers, so how is it attainable that knowledge from 2.8 billion customers has been leaked? One attainable rationalization is that the dataset consists of aggregated or historic knowledge, akin to bot accounts that had been created and later banned, inactive or deleted accounts that also lingered in historic information, or previous knowledge that was merged with newer knowledge, rising the entire variety of information.
Moreover, some entries won’t even symbolize actual customers however might embody non-user entities like API accounts, developer bots, deleted or banned profiles that remained logged someplace, or group and model accounts that aren’t tied to particular person customers.
One other chance is that the leaked knowledge wasn’t completely obtained from Twitter itself however quite scraped from a number of public sources and merged collectively, together with archived knowledge from older leaks or info from third-party providers linked to Twitter accounts.
Who Is ThinkingOne, and How Did They Get the Knowledge?
One of many greatest mysteries is how ThinkingOne managed to acquire the 2025 leaked knowledge within the first place. Not like typical hackers, they aren’t recognized for breaching techniques themselves however are extremely regarded for analyzing and decoding leaked datasets. Whether or not they acquired the information from one other supply or carried out some refined knowledge aggregation continues to be unclear.
Their principle {that a} disgruntled worker leaked the information throughout the layoffs stays unconfirmed, and there’s no concrete proof to assist it; it is just a believable speculation given the timing and inner mess at X.
Why the Silence from X?
If the claims are true, this isn’t only a huge knowledge leak in measurement but additionally a blow to person privateness. Moreover, whether or not this was an inside job or not, customers are left with extra questions than solutions: How a lot of their knowledge has been “taken”? Who’s behind the leak? And why hasn’t X mentioned something about it, even after ThinkingOne tried reaching out a number of instances?
