A cyber sleuth has posted on a prominent cybercrime forum what they claim is the largest social media data breach ever, which allegedly leaked information linked to more than 2.8 billion accounts on X, formerly Twitter.
The breach, which emerged on Tuesday, was flagged by cybersecurity group SafetyDetectives after a user identifying as “ThinkingOne” shared a massive 34GB CSV file online. The dataset reportedly combines two separate leaks, merging fresh metadata from a 2025 breach with email addresses stolen in a previous 2023 incident.
Newsweek contacted X for confirmation on the attack via email.
The Context
This leak could enable widespread phishing and identity scams by correlating email addresses with detailed metadata, including usernames, tweet history, and location data. The breach would rank among the largest data exposures in history in terms of account volume, raising serious questions about internal controls at the platform and its handling of past and ongoing cybersecurity threats.
What To Know
The new leak allegedly stems from a 400GB trove of user data said to have been exfiltrated by a disgruntled employee during mass layoffs at X following Musk’s 2022 acquisition of the company, according to reports from Computing.
While the 2023 leak involved approximately 200 million records and sensitive information like email addresses, the 2025 breach reportedly encompasses metadata for nearly 3 billion profiles, including display names, tweet counts, location and time zone data, verification status, and the applications used to post the last tweets.
Getty Images
The data likely includes deactivated accounts, bots, spam accounts, and API-based profiles, which could explain the discrepancy between the number of leaked profiles and the current user base of X, estimated to be around 335 million globally.
ThinkingOne alleged that despite attempting to contact the company, X did not acknowledge the attack, prompting them to publish the data online.
“My goal here has just been to try to make sure that X is aware of the breach,” ThinkingOne told Newsweek. “I’m guessing by now they are, but it is frustrating where they won’t even confirm they are aware of an alleged breach.”
The post did not include passwords or payment data but contained sensitive metadata that can still be exploited for identity theft or impersonation.
ThinkingOne said that they don’t consider themselves a hacker, and that they try to ensure everything they do with the data is legal. It is not known how the user acquired the data.
What People Are Saying
In their post, ThinkingOne said: “There is no sign that X or the general public is aware of the largest social media breach ever.”
What Happens Next
X has not yet publicly acknowledged any data breach. The exposure comes just days after Elon Musk completed the transfer of X to his AI venture, which will become a major part of the site’s future.
This article was originally published by a www.newsweek.com . Read the Original article here. .