Last week, xAI acquired X for $33 billion. Elon Musk was seemingly stoked, indicating “xAI and X’s futures are intertwined.” The acquisition shows great potential for Grok as xAI can leverage X’s vast database to train Grok, potentially giving OpenAI’s new ChatGPT-4o image generator tool a run for its money.
While this might be in the pipeline, X was recently hit by a massive data leak featuring 2.8 billion Twitter IDs, potentially impacting over 200 million users (via Safety Detectives).
According to the information shared by ThinkingOne, the data breach likely took place during the massive layoffs at X. Interestingly, the bad actors claim they attempted to reach X via multiple platforms, but their efforts were rendered futile.
This potentially explains why the information seemed to be under the wraps, which fueled the attackers’ frustration, prompting them to release the information to the public for free. The information featured the data obtained during the recent company-wide layoffs, coupled with another data breach from January 2023.
For context, the 2023 data breach impacted over 209 million X users, exposing their email addresses, usernames, followers count, and account creation dates. However, the massive data breach was watered down, with X claiming that the leak only featured publicly available data.
The company claimed that the bad actors didn’t access any sensitive data. However, cybersecurity experts indicated that the data breach posed a great risk as a combination of emails and public data could heavily prompt phishing attempts by attackers.
But as it now seems, the recent data breach was more critical in comparison. While the bad actors didn’t access email addresses, it included location and time zone settings, tweet count and timestamps of the last tweet, source of the last tweet, status settings, and more.
Was X’s massive data breach an inside job?
While speaking to Forbes via email, ThinkingOne indicated that they didn’t see themselves as a hacker, but a data enthusiast attempting to do everything “legal.”
The real story (to me, at least) is that 2.8 billion records were exfiltrated from Twitter/X. This is by far the largest social media breach ever, in terms of number of users, and there is at least a possibility that the person responsible for the breach has other data including emails, phone numbers, and passwords.
ThinkingOne
It’s worth noting that the data released to the public is a combination of the 2023 and 2025 leaks compressed into a 34 GB CSV file. While the data features over 201 million entries, it only includes data belonging to users who were impacted by both incidents.
ThinkingOne confirmed to Forbes:
“The dataset leaked in January, 2025 included over 2.8 billion unique Twitter IDs and screennames. I checked a representative sample of 100 and 92 had the correct user ID and screenname.”
The data enthusiast expressed concern over the massive data breach that impacted millions of users. “How could someone enumerate all Twitter user IDs, unless they were an employee or this was a very serious hacking job?” ThinkingOne added.
We’ll keep tabs on this story as it unfolds and keep you posted on any new developments as they unfold.
