Hacker Claims To Have Leaked 200 Million X User Data Records—For Free

Forbes - Mar 31st, 2025

A hacker has reportedly released a database containing details of approximately 200 million X user records. This incident traces back to a vulnerability discovered in January 2022 when X was still known as Twitter. An attacker exploited this vulnerability before it was patched, accessing data by using users' email addresses or phone numbers. Following this breach, data was sold online, and now the hacker claims to have combined this data with another breach from January 2025, releasing a 34 GB CSV file freely online. The data includes sensitive user details like screen names, user IDs, full names, locations, and more. Safety Detectives, a cybersecurity team, verified the authenticity of part of this data.

The implications of this data breach are significant for X's user base, raising concerns over privacy and security on the platform. Despite the hacker's attempts to inform X, they reportedly received no response, prompting the data giveaway. This incident adds to a series of security challenges faced by X, including previous platform outages and password scams. As the story unfolds, it underscores the ongoing vulnerabilities in digital platforms and the critical need for robust cybersecurity measures. The impact on X's reputation and user trust could be profound, especially with the social media landscape's heightened focus on data privacy.

Elon Musk Cybersecurity Data Breach User Data Hacker X Platform Privacy Concerns

Story submitted by Fairstory

RATING

6.8

Fair Story

Consider it well-founded

The news story effectively covers a significant data breach claim involving X, presenting a clear timeline and context. Its strengths lie in the timeliness and public interest dimensions, as it addresses a pressing issue affecting millions of users. However, the article could improve in balance and source quality by incorporating more diverse perspectives and authoritative sources. While the clarity of the narrative is commendable, transparency about verification methods and potential biases could be enhanced. Overall, the story provides a solid foundation for understanding the breach but would benefit from additional depth and corroboration to fully assess its implications.

Accuracy

The story presents several factual claims, most notably the hacker's release of 200 million X user data records. The article accurately describes the historical context of a vulnerability discovered in January 2022, which aligns with known events where Twitter's system was compromised through email or phone number exploitation. However, the story's claim about a new breach in January 2025 requires verification, as it is speculative without additional evidence. The involvement of Safety Detectives in verifying part of the data adds credibility, but the lack of an official statement from X leaves room for uncertainty. The assertion that the data includes extensive user information is consistent with the hacker's claims, but the potential inaccuracies regarding the scale of the breach and the hacker's motivations need further investigation.

Balance

The article primarily presents the hacker's perspective and the cybersecurity team's findings, which could lead to a perception of bias towards the hacker's narrative. It lacks a balanced viewpoint as it does not include responses or perspectives from X or any cybersecurity experts outside of Safety Detectives. This omission of X's stance or potential countermeasures creates an imbalance, making the story feel one-sided. Including a broader range of perspectives, such as cybersecurity experts' opinions on the potential impact of the breach, would enhance the article's balance.

Clarity

The article is generally clear and concise, providing a straightforward narrative of the events leading to the current data breach claim. It effectively outlines the timeline from the initial vulnerability discovery to the present situation. The language is accessible, and the structure logically follows the progression of events. However, some technical terms, such as 'CSV file' and 'data breach forum,' could be further explained for readers unfamiliar with cybersecurity jargon. Overall, the article maintains a neutral tone and presents information in an easily digestible manner.

Source quality

The story references credible sources such as the Safety Detectives cybersecurity team, which lends authority to the claims about the data's partial verification. However, the lack of direct quotes or statements from X or other independent cybersecurity experts weakens the overall source quality. The article relies heavily on the hacker's post on a data breach forum, which, while relevant, is not independently corroborated. Including more authoritative sources or official statements would improve the reliability and credibility of the reporting.

Transparency

The article provides some context about the historical vulnerability and the hacker's claims, but it lacks transparency regarding the methodology used to verify the data's authenticity. It mentions the involvement of Safety Detectives but does not explain how they verified the data or the extent of their verification. The absence of clarity on the hacker's motivations and the lack of disclosure about potential conflicts of interest also diminish transparency. Greater detail on verification processes and potential biases would enhance the article's transparency.