Shocking Data Breach: 200 Million X User Records Exposed — Are You at Risk?

In a startling revelation that has sent shockwaves through the tech world, the social media platform X (formerly Twitter) is facing a major data breach involving approximately 200 million user records. This unprecedented leak is rooted in a long-standing vulnerability that attackers exploited, and the implications for users are serious.

As of April 1, 2025, details emerged from a data enthusiast known as ThinkingOne, who claims to have accessed this substantial database. This data aficionado alleges that not only has user information from the initial 2022 breach resurfaced, but so has data from a leak reported in January 2025, bringing the total to a staggering 2.8 billion Twitter IDs.

The origins of this breach trace back to January 2022, when Twitter's bug bounty program disclosed a vulnerability that allowed unauthorized access to user information through just an email address or phone number. By July, it became evident that this flaw was exploited before a fix could be applied, resulting in stolen user data being sold on black markets. At that time, Twitter (now X) acknowledged the breach, confirming that malicious actors had indeed taken advantage of the vulnerability.

Fast-forward to today; ThinkingOne claims that they have compiled the data into a massive 34 GB CSV file containing over 201 million entries. This data has gained some validation from cybersecurity experts at Safety Detectives, who reported that it includes sensitive details such as user IDs, screen names, full names, geographical locations, email addresses, follower counts, profile images, and time zones.

“The dataset leaked in January 2025 includes over 2.8 billion unique Twitter IDs and screen names,” ThinkingOne revealed. After reviewing a sample, they confirmed that an overwhelming majority matched real user information.

As for the intentions behind this release, ThinkingOne, who styles themselves as a "data enthusiast" rather than a hacker, shared, "I tried to contact X to provide them with this information, but they never responded. So, I felt compelled to release it for free in order to raise awareness."

X has been under scrutiny for its handling of user data security. In a public stance taken back in January 2023, the platform expressed their commitment to user privacy, stating that no data was acquired through vulnerabilities of their systems. However, they acknowledged a troubling coding error from a June update that inadvertently allowed emails and phone numbers to be linked to user accounts in their systems.

This latest breach has raised concerns about the overall security measures that X has in place. Cybersecurity experts are now warning users to change their passwords and remain vigilant about possible phishing scams, as personal information may be circulating on the dark web.

With billions of records now in jeopardy, the stakes have never been higher. Could your information be out there? It's crucial to take proactive steps in protecting your digital identity. Stay informed and safeguard your accounts; the battle for online privacy continues.

This is a developing story, and we will continue to provide updates as more information becomes available.