In yet another alarming security breach, a database containing 200 million X user records has been leaked online, exposing sensitive user details. The breach, allegedly orchestrated by a self-proclaimed data enthusiast known as ThinkingOne, has been linked to a previously exploited vulnerability from Twitter’s pre-Elon Musk era.
How the Breach Happened
The origins of this leak trace back to January 2022, when a security flaw in Twitter allowed attackers to extract user data by simply inputting an email address or phone number. By July 2022, Twitter acknowledged that the vulnerability had been exploited before it could be patched, leading to a massive dataset of user information being sold on the dark web.
Now, it appears that the same data has resurfaced—combined with an alleged January 2025 leak—creating an even larger dataset of compromised accounts. 
What Data Was Leaked?
According to Safety Detectives, a cybersecurity research team that uncovered the breach, the leaked 34 GB CSV file contains over 201 million records, including:
✅ Usernames & IDs
✅ Full names
✅ Email addresses
✅ Locations
✅ Follower counts
✅ Profile details
✅ Time zones
✅ Profile images
While passwords were not included in the dataset, the exposure of email addresses and other personal details still poses a serious risk of phishing attacks, impersonation, and account takeovers.
What’s Next for X Users?
Despite repeated warnings and attempts to contact X’s security team, the data enthusiast who leaked the files claims they never received a response from the platform. This raises concerns over X’s ability to handle cybersecurity threats and protect user data.
If you have an X account, it’s strongly recommended that you:
🔹 Enable two-factor authentication (2FA)
🔹 Be cautious of phishing emails or messages
🔹 Change your password if your email was linked to your account
🔹 Monitor your accounts for suspicious activity
With Elon Musk’s platform already under scrutiny over multiple cybersecurity incidents, this latest leak serves as a stark reminder that social media users should always remain vigilant about their personal information online.
