In what may be the most significant social media breach ever, data from approximately 200 million X users has been compromised and made available on a hacking forum. The alleged breach was first reported by Safetydetective.com, whose researchers found a 34 GB downloadable file on the hacking forum “BreachForums” posted by a user named ‘ThinkingOne.
The 34 GB file allegedly contained data from approximately 201 million X users. According to Safetydetective.com, ThinkingOne claims to have shared the data after realizing that neither X nor public X users were aware of the ‘data breach’. ThinkingOne also claims to have “tried contacting X via several methods with no response.”
‘Data of X users genuine’
Meanwhile, researchers at Safetydetective.com claimed the data available in the file was genuine, which they verified by matching the information with their original X IDs.
We reviewed the information corresponding to 100 users in the list and found that it matched what was shown on Twitter. We also verified a considerable number of emails, which turned out to be valid email addresses; however, we cannot confirm that the emails belong to the listed accounts,” the researchers said.
They further stated that the allegedly compromised data included information such as X screen names and user IDs, full names, locations, email addresses, follower counts, profile data, time zones, profile images, and more.
‘Largest social media breach ever’
ThinkingOne, in a conversation with Forbes, stated that they are not hackers but ‘data enthusiasts’ who refrain from engaging in illegal activities and ensure that everything they do is lawful. ’
According to ThinkingOne, “This is by far the largest social media breach ever, in terms of the number of users, and there is at least a possibility that the person responsible for the breach has access to other data, including emails, phone numbers, and passwords.”
Origin of data breach still unclear
The exact origin of the data breach is still unclear. However, ThinkingOne claims it accessed X data leaked in January 2022 and combined it with another breach leaked in January 2025.
“The dataset leaked in January 2025 included over 2.8 billion unique Twitter IDs and screen names,” ThinkingOne was quoted as saying by Forbes. “I checked a representative sample of 100, and 92 had the correct user ID and screen name.”
The hacker added, “How could someone enumerate all Twitter user IDs, unless they were an employee or this was a highly sophisticated hacking job?”
