200 Million X Accounts Leaked in Massive Data Breach — 2.8 Billion Twitter IDs Exposed

Elon Musk’s X, formerly known as Twitter, is facing one of its most alarming cybersecurity crises yet. A self-proclaimed data enthusiast has released what is believed to be a collection of over 200 million user records, tied to 2.8 billion unique Twitter user IDs, in what may be the largest leak of its kind in social media history.

The incident traces back to a vulnerability first reported in early 2022 through Twitter’s bug bounty program. This flaw allowed bad actors to retrieve private user data—including email addresses and phone numbers—simply by entering them into the system. Before the issue could be patched, attackers had already begun collecting and selling this data online.

Twitter acknowledged the breach in July 2022, stating:

“After reviewing a sample of the available data for sale, we confirmed that a bad actor had taken advantage of the issue before it was addressed.”

Now, in 2025, that same dataset has reportedly resurfaced—enhanced and expanded with newer information—and released in full by a user who goes by the handle ThinkingOne.

According to a post on a prominent breach forum, ThinkingOne released a 34 GB CSV file containing 201,186,753 records, each with a combination of public and private data. This includes: X screen names and user IDs, Full names and profile details, Locations, Email addresses, Follower counts and more

Cybersecurity group Safety Detectives confirmed that much of the data appears to be genuine. Their analysis found consistent formatting and matching records when compared with known user information.

In an email exchange with Forbes cybersecurity contributor Davey Winder, the leaker clarified that they don’t identify as a hacker, but rather a “data enthusiast” who operates within legal bounds.

“I don’t consider myself a hacker,” ThinkingOne said. “I’m simply sharing what was already out there—compiled and cleaned. My goal isn’t harm. It’s awareness.”

They also dropped a bombshell:

“The real story here is that 2.8 billion Twitter IDs were exfiltrated. That’s far beyond the number of active users. How did someone enumerate every Twitter ID unless they had internal access?”

This raises serious questions about whether the original breach was larger than initially reported—or if multiple data leaks were combined.

According to ThinkingOne, several attempts were made to alert X before releasing the dataset, but they claim to have received no response. As of this writing, X has not issued an official statement on the leak or its implications for affected users.

In previous security incidents, Musk’s leadership has typically leaned into damage control through X posts or brief press comments. However, no such statements have been made publicly in this case.

This data breach follows a string of security-related troubles for the platform:

These incidents have raised concerns about whether the platform’s technical team is adequately resourced and structured to handle large-scale threats.

Though X has not confirmed the leak, users are advised to take precautions immediately, including:

Given the nature of the breach, affected users may be at risk of spam, impersonation, or more serious identity-based attacks.

This may be one of the most significant social media data leaks ever recorded, both in scale and implication. With over 200 million users compromised and 2.8 billion IDs exposed, the breach reflects long-term vulnerabilities that may not have been fully resolved even years after the initial exploit was discovered.

For now, the ball is in X’s court to respond—and reassure a very nervous user base.

This is a developing story and will be updated as more information becomes available.