/wion/media/agency_attachments/2024/12/26/2024-12-26t112006978z-wion-white-logo-for-website-2-1.png){kind=logo}
/wion/media/agency_attachments/2024/12/13/2024-12-13t071548098z-wionlogo.webp)
/wion/media/media_files/2025/04/02/sXSG13iVxWJu4bnmYgE1.png)
There has been a massive data breach at Elon Musk's X (formerly known as Twitter) as a hacker claimed to have publicly posted a database containing details of around 200 million X users.
The researchers discovered a post on the hacking forum "Breachforums" from a user named ThinkingOne, according to Safetydetective.com.
The post included a 34 GB .CSV file containing data from over 201 million entities.
Also read: AT&T data breach: Personal information of 73 million current and former users leaked online
The data includes plenty of metadata on each account, and the email address connected to the account.
SafetyDetectives said they checked a sample of users included in the leak and found that the information was correct and that the emails listed were valid.
The hacker in the post claimed that the data was shared after the realisation that neither X nor the general public was aware of “the largest social media breach ever”.
ThinkingOne further claimed to have tried contacting X via several methods, however, there was no response.
Also read: 'Not your fault': Elon Musk's X goes down for the second time in day, 'don’t fret' app assures
Moreover, the researchers at Safetydetective.com said they have verified the leaked data, which includes X screen names and user IDs, full names, locations, email addresses, follower counts, profile data, time zones, profile images, and more.
“We reviewed the information corresponding to 100 users in the list, and we found that it matched what was shown on Twitter. We also verified a considerable amount of emails, which turned out to be valid email addresses, though we cannot confirm that the emails belong to the accounts listed,” they said.
'A data enthusiast, not a hacker'
ThinkingOne, in a conversation with Forbes, claimed that they don's consider themselves a hacker, but rather data enthusiasts “who try to ensure everything they do is legal”.
“This is by far the largest social media breach ever, in terms of the number of users, and there is at least a possibility that the person responsible for the breach has other data, including emails, phone numbers and passwords,” ThinkingOne claimed.
However, the exact origin of the breach is still unclear, ThinkingOne claims that they accessed X data leaked in January 2022 and added it to a further breach, which they claimed was leaked in January 2025.
“The dataset leaked in January 2025 included over 2.8 billion unique Twitter IDs and screennames,” ThinkingOne told Forbes, “I checked a representative sample of 100 and 92 had the correct user ID and screenname.’
“How could someone enumerate all Twitter user IDs, unless they were an employee or this was a very serious hacking job?," the hacker added.
Also read: Is Grok AI in trouble? Indian govt in touch with Elon Musk's X over chatbot's witty-abusive answers