Massive Twitter data leak: 400GB and 2870M accounts

400GB of X (formerly Twitter) user data has been leaked on a hacker forum.
The breach could involve up to 2.870 billion profiles, including metadata and email addresses.
The case points to a disgruntled employee following mass layoffs at the company.
Passwords are not included, but the risks of phishing and personalized scams are high.

A new data breach has rocked the digital world, potentially affecting billions of accounts linked to X, the platform formerly known as Twitter. The information, which was allegedly distributed through the BreachForums forum, once again raises concerns about the security of personal data on social media.

The leaked content, which reaches a total size of 400 gigabytes, contains metadata of user profiles collected between 2021 and early 2025. Although the platform has not issued an official statement, several cybersecurity experts agree on the seriousness of the situation.

How did the data breach occur?

Everything points to The origin of the leak would be linked to a former employee of the company, who would have accessed the information during the mass dismissal processes that recently affected X. This person, identified in the forums as ThinkingOne, explained that he tried to contact the company through various channels to report the problem, but received no response.

Faced with X's apparent indifference, ThinkingOne decided to make the database public. To this end, he not only disseminated current data, but also combined them with those from a previous leak from 2023, which increased both the volume and the number of profiles involved. This case is reminiscent of other data breach incidents, such as the leak at El Corte Inglés.

Exclusive content - Click Here How to change Avast Security for Mac password?

Although the number of active X users is estimated at just over 330 million, The leaked data would cover up to 2.870 million records. According to security experts, this difference may be due to the inclusion of inactive accounts, bots, deleted profiles, or historical data stored by the platform.

What exactly does the leak include?

Chippers

Unlike other breaches that have compromised passwords or payment details, This focuses on highly detailed metadata of the profiles. Among the leaked items are:

Unique user identifiers (IDs)
Names and pseudonyms
Profile URLs
Creation dates
Location and time zone information
Followers and following count (from 2021 and 2025)
Favorites and Posts Activity
Current and 2021 display name
Source of the last tweet (e.g., which app it was sent from)

In addition, some batches of information would also include email addresses, which significantly increases the risk of phishing attacks. This problem has been seen in other breaches, such as the Ticketmaster leak.

A joint file with the data from both leaks generated a Verified CSV with over 201 million entriesCybersecurity firm SafetyDetectives said it checked a random sample of these records, confirming that the information matched real users.

Reactions from cybersecurity experts

Industry experts have classified this gap as one of the largest in the history of social media. Although the nature of the data may seem insensitive as it does not include passwords, the level of detail provides enough information to be used in social engineering campaigns and personalized frauds.

Exclusive content - Click Here How to name your sounds so that other users can easily find it on Tik-Tok?

One of the most immediate risks, they point out, is the use of data in well-articulated phishing campaignsIf a cybercriminal has access to both the email and the user's activity history and name, they can craft particularly convincing messages to deceive victims. This is similar to concerns that have been raised about other recent breaches, such as the LinkedIn leak.

It also warns about so-called targeted attacks., in which criminals adapt their strategies based on the interests or behaviors detected in the leaked profiles. This could lead to more complex scams, spam attacks or even digital extortion.

What data loss prevention tools does Sophos Home include?

What can affected users do?

While users cannot retroactively prevent their information from being leaked, they can take protection measures:

Change X's password immediately, preferably using a complex key or automatic generator.
Avoid clicking on suspicious links or respond to emails from unknown senders.
Review and strengthen privacy settings in digital networks and services.
Be alert to phone calls, SMS or emails requesting sensitive data.
Monitor bank accounts, email accounts, and other linked platforms looking for unusual activity.
Report any suspicious behavior directly to X or to local authorities if a scam is suspected.

Those who manage multiple accounts are also advised to check for cross-matches on other platforms, as cybercriminals often reuse information to try to access multiple services. For added security, it's key to know how to create secure databases.

Exclusive content - Click Here How to fight the spread of viruses with the OneNote firewall?

Twitter has not commented on the matter.

One of the most disturbing issues of this incident is the lack of response or transparency on the part of X. To date, the company has not issued any official statement, neither confirming nor denying the authenticity of the file.

This silence has caused unrest in the tech community, especially among security researchers, who believe the company should at least publicly report on the situation.

The context doesn't help either: just a few days ago, the company was acquired by xAI, the artificial intelligence firm founded by Elon Musk. This transition could be delaying the institutional response or complicating crisis management.

In any case, Specialists agree that the lack of communication increases uncertainty and leaves users unprotected. Many are wondering if their accounts have been compromised and what internal measures X has taken to mitigate the impact of the problem.

Everything points to a case that will mark a turning point in social media cybersecurity. Although most of the data is not extremely sensitive on its own, combining it can have very serious implications in the wrong hands.

The digital community is calling for greater accountability from platforms to protect their users' data and to act swiftly when a security breach occurs. Waiting for X to speak out and give explanations, experts insist that individual surveillance and good practice remain the first line of defense for avoid being victims of digital scams or fraud.

Alberto navarro

I am a technology enthusiast who has turned his "geek" interests into a profession. I have spent more than 10 years of my life using cutting-edge technology and tinkering with all kinds of programs out of pure curiosity. Now I have specialized in computer technology and video games. This is because for more than 5 years I have been writing for various websites on technology and video games, creating articles that seek to give you the information you need in a language that is understandable to everyone.

If you have any questions, my knowledge ranges from everything related to the Windows operating system as well as Android for mobile phones. And my commitment is to you, I am always willing to spend a few minutes and help you resolve any questions you may have in this internet world.