:max_bytes(150000):strip_icc():focal(1013x496:1015x498)/Morgan-Wallen-Son-Dog-Attack-062023-9abfc02b26214d24bf55d60732b1ddf9.jpg "Morgan Wallen Says 4-Year-Old Son Indigo Has a ‘Little Attitude’")
There’s allegedly been a significant data breach at Elon Musk’s X, formerly known as Twitter.
Over the weekend, the cybersecurity team at SafetyDetectives discovered a post on the prominent hacking message board BreachForums from a poster named ThinkingOne. The post included a 34 GB .CVS file containing more than 201 million entries of data reportedly belonging to X users. This data includes plenty of metadata on each account, plus the email address connected to the account.
SafetyDetectives said they checked a sample of users included in the leak and found that the information was correct and that the emails listed were valid.
Where did the leak come from?
It’s unclear exactly how the breach occurred. This particular leak affects more than 200 million users. However, roughly 2.8 billion X accounts are reportedly affected, potentially making this one of the largest social media data leaks of all time.
According to ThinkingOne, there was a massive data breach at Musk’s X earlier this year, which saw data belonging to more than 2.8 billion X users leaked in a massive 400 GB file. In their post, ThinkingOne claims that there is “no sign that X or the general public is aware of the largest social media breach ever” and that they “tried contacting X via several methods with no response.”
Mashable Light Speed
This particular data breach did not disclose any sensitive information about X users. In fact, many of those accounts probably don’t even belong to real users. Based on current estimates from analytics platforms like Statista, X likely has around 400 million global users. Billions of those leaked X accounts likely belonged to bots, spammers, or individuals who deactivated or deleted their own accounts.
However, the leak allegedly includes plenty of metadata belonging to real accounts. And that meta data contains information such as account creation dates, locations, current and former display names, tweet count, favorites count, and other similar details.
X data leak threat
On its own, this data may not seem like much of a threat to users. But ThinkingOne went ahead and cross-referenced this latest leak with data belonging to 209 million users from a 2023 X data breach. The older breach contained much less metadata from each account but did include the email address connected to each user, which is typically not made publicly available.
By doing this, ThinkingOne created a file on 201 million active users from the 2025 leak whose email addresses had previously been leaked.
With the email addresses and metadata combined, hackers could easily target X users with phishing emails, social engineering campaigns, and other scams.
X downplayed the first of the leaks mentioned in 2023 but has not yet confirmed or even acknowledged the alleged 2025 leak. Musk’s social media platform X was just sold to Musk’s own AI company, xAI, on Friday.
:max_bytes(150000):strip_icc()/GettyImages-2205311959-4e81505b5b11480ca8212c656df19309.jpg "Newsmax Stock Plummets After Wild Post-IPO Runup")
