Introduction for HackingBlogs Readers: Details of more than 2.8 billion Twitter (X) profiles were made public by a shocking data breach. The corporation has not officially acknowledged the leak, which might have been the result of an employee in recent layoffs. This might be the biggest data dump on social media ever. Here is a summary of everything we now know, including the data leak and any possible dangers.
Source : Hackread
What We Know About the Leak ?
Details of the Leak:
- Size: 400GB of data
- Users Affected: 2.8 billion Twitter (X) accounts
- Alleged Cause: Insiders stealing data during layoffs
- Timeline: Leak surfaced in March 2025
What Data Was Exposed?
Several types of user profile information, much of which is semi-public, are included in the leaked material. This includes the dates of account creation, usernames, display names, bios, profile URLs, follower numbers (from 2021 and 2025), and even information on tweets, like timestamps and tweet counts.
Email addresses are a crucial piece of information that is absent from the leak, despite the fact that this data is detailed. In contrast, email addresses and other profile information were made public during the 2023 hack. Email addresses are not included in the 2025 leak, but when data from the 2023 breach was combined with this more recent leak, it appeared that email addresses were present.
- Account creation dates
- Usernames and display names
- Follower counts (for 2021 and 2025)
- Profile descriptions and URLs
- Location and time zone settings
- Tweet counts and last tweet timestamps
Link to the 2023 Breach
Email addresses and other user data associated with 209 million people were made public in a different breach in 2023. Experts warned that this data might still be used for phishing, despite Twitter’s (X) assertion that it was public.
Email addresses have not been included in this leak, in contrast to the 2023 hack. However, it offers full information such as: Numbers of followers across several years, Screen names and user IDs ,Activity information, including the number of tweets
Merged Data Confusion: A huge 34GB file was created by combining the 2025 and 2023 breaches. Because of this, some people thought that email addresses were included, although the merge was the only reason they showed up.
The number of 2.8 billion users impacted by this leak is troubling considering that as of January 2025, X had only 335.7 million members. The fact that the data contains archived information from banned or deleted accounts, bots, or inactive profiles in addition to active users is one explanation. The increased figure may also have resulted from the data being collected from previous disclosures or other public sources.
Who is ThinkingOne ?
The review of the leak was carried out by ThinkingOne, that specialises in data breach research rather than hacking. There is no proof to support the belief that the leak was produced by an unhappy worker.
Twitter (X) has not publicly acknowledged the hack, despite efforts to contact the firm. Users are left wondering why X has remained silent and how much of their data is impacted.
