Technology
200 million social media records leaked in major X data breach
X, formerly known as Twitter, has been making headlines recently, with Elon Musk claiming that hackers have been trying to disrupt the platform. However, the most recent news involving the social media site is particularly alarming and puts its users at serious risk.
Earlier this month, reports emerged of a major data breach involving X, after a self-proclaimed data enthusiast known as “ThinkingOne” claimed to have released a database containing over 200 million user records on a popular hacker forum. The leaked data includes names, email addresses and nearly everything else associated with a user’s X profile.
Stay protected & informed! Get security alerts & expert tech tips – sign up for Kurt’s ‘The CyberGuy Report’ now.
X app on an iPhone (Kurt “CyberGuy” Knutsson)
What you need to know
The X data leak is believed to stem from a combination of breaches, including a massive one that allegedly occurred in January 2025 and another in 2023. The leaked dataset, reportedly a 34 GB CSV file, contains 201,186,753 entries with information such as X screen names, user IDs, full names, locations, email addresses (from the 2023 breach), follower counts, profile data, time zones and profile images.
ThinkingOne claimed that the data was cross-referenced from a larger breach involving 2.8 billion unique Twitter IDs and screen names. This breach may have been linked to an insider job during layoffs at X, although the company has not verified this claim. Cybersecurity researchers, including those from Safety Detectives, partially confirmed the authenticity of the data by matching a sample with public X profiles and verifying some email addresses. However, they were not able to fully confirm ownership.
The breach appears to trace back to a vulnerability identified in January 2022 through Twitter’s bug bounty program. This flaw allowed attackers to access user data using only an email address or phone number. Although the vulnerability was patched, the compromised data seems to have resurfaced in later leaks.
Partial confirmation of the data (Safety Detectives) (Kurt “CyberGuy” Knutsson)
MALWARE EXPOSES 3.9 BILLION PASSWORDS IN HUGE CYBERSECURITY THREAT
The data breach puts X users at risk
The 2025 incident alone does not include passwords or financial information, but when combined with the email addresses from the 2023 leak, it significantly increases the risk of phishing and social engineering attacks. X has not officially acknowledged this specific breach at the time of writing, although it previously downplayed the 2023 incident by claiming it involved mostly public data.
The total of 2.8 billion records far exceeds X’s estimated 335 to 600 million active users, suggesting that the dataset may include inactive accounts, bots or historical data. While the full scope and impact of the breach remain unclear, the incident highlights ongoing security challenges for the platform, especially following its acquisition by xAI in late March 2025.
X logo on a smartphone (Kurt “CyberGuy” Knutsson)
HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET
7 ways you can stay safe from the X data breach
If you have an account on X or think your data may have been part of the breach, here are seven important steps you can take to protect yourself.
1) Use strong antivirus software
This breach included email addresses linked to X accounts, prime fuel for phishing attacks. Hackers may now send emails that look like they’re from X, Musk or support, asking you to “verify your account” or “reset your password.” These often contain links or attachments that can install malware or steal personal data.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
2) Remove your personal data from the internet
Since this X leak exposed full names, email addresses and other public-facing profile details, hackers can easily cross-reference it with other data broker sites to build a full profile on you. This could lead to impersonation or spear-phishing.
To reduce your exposure, use a trusted data removal service that scans data broker websites and requests the deletion of your personal information. While no service promises to remove all your data from the internet, having a removal service is great if you want to monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here.
3) Change your X account password
Even though this particular breach may not have included passwords, there’s still a significant risk, especially if you use the same password across multiple platforms. Once attackers have your email, they often try using it with common or previously leaked passwords to break into accounts.
To change your X account password, go to Settings and privacy from your profile menu, then select Your account and tap on Change your password. Enter your current password, set a new strong password and confirm the change. You can do this via the mobile app or by logging in through the web. Consider using a password manager to generate and store complex passwords. Get more details about my best expert-reviewed password managers of 2025 here.
4) Make your X profile more private to reduce future risk
Adjust your X account’s privacy settings to limit the visibility of personal information, such as making your profile private. Ensure that only necessary information is publicly visible. Information that seems harmless, like your location, job title or birthday, can be used by cybercriminals to impersonate you or guess your login credentials. If your X profile includes any personal details that aren’t necessary, now is the time to remove them.
Keeping your profile minimal not only protects your privacy but also makes it harder for scammers to craft convincing phishing messages or social engineering attacks. Think twice before posting personal updates or details publicly, especially if they can be used to guess passwords or verify your identity.
Go to Settings > Privacy and safety and lock down your account visibility.
5) Enable two-factor authentication (2FA) for your X and email accounts
If hackers got your email from the X breach, they may try to reset your password. 2FA helps stop this by requiring a second code to log in:
- Use an authenticator app like Google Authenticator or Authy, not SMS, which can be intercepted
- Secure your email accounts, too, since they can be used to reset your X credentials
6) Use a VPN on public Wi-Fi
Protect your data when accessing X or other platforms on public networks by using a VPN to encrypt your connection. This will help safeguard your information from being intercepted by malicious actors. A reliable VPN is essential for protecting your online privacy and ensuring a secure, high-speed connection. For the best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android and iOS devices.
7) Sign up for identity theft protection to catch if your X-linked info is abused
With 200-plus million names and email addresses exposed, scammers may try opening accounts in your name or use your email in fraud attempts. Good identity protection can alert you if your info is being sold on the dark web. It can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals. See my tips and best picks on how to protect yourself from identity theft.
NEW PHISHING SCAM OUTSMARTS SECURITY CODES TO STEAL YOUR INFO
Kurt’s key takeaway
The X breach is yet another reminder that patching a vulnerability is only one piece of a much larger puzzle. The persistence of leaked data – years after the original flaw was disclosed and fixed – highlights the long tail of exposure that comes with large-scale breaches. Even when credentials aren’t involved, the combination of identifiers like email addresses, names and social connections can be weaponized through correlation attacks, data enrichment and AI-assisted social engineering.
Do you feel that companies are doing enough to protect your data from hackers and other cyber threats? Let us know by writing us at Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.
Ask Kurt a question or let us know what stories you’d like us to cover.
Follow Kurt on his social channels:
Answers to the most-asked CyberGuy questions:
New from Kurt:
Copyright 2025 CyberGuy.com. All rights reserved.
Wiles says she called Musk on the carpet. “You can’t just lock people out of their offices,” she recalls telling him. At first, Wiles didn’t grasp the effect that slashing USAID programs would have on humanitarian aid. “I didn’t know a lot about the extent of their grant making.” But with immunizations halted in Africa, lives would be lost. Soon she was getting frantic calls from relief agency heads and former government officials with a dire message: Thousands of lives were in the balance.
Wiles continued: “So Marco is on his way to Panama. We call him and say, ‘You’re Senate-confirmed. You’re going to have to be the custodian, essentially, of [USAID].’ ‘Okay,’ he says.” But Musk forged ahead—all throttle, no brake. “Elon’s attitude is you have to get it done fast. If you’re an incrementalist, you just won’t get your rocket to the moon,” Wiles said. “And so with that attitude, you’re going to break some china. But no rational person could think the USAID process was a good one. Nobody.”
NEWYou can now listen to Fox News articles!
OpenAI announced an update for ChatGPT Images that it says drastically improves both the generation speed and instruction-following capability of its image generator.
A blog post from the company Tuesday says the update will make it much easier to make precise edits to AI-generated images. Previous iterations of the program have struggled to follow instructions and often make unasked-for changes.
“The update includes much stronger instruction following, highly precise editing, and up to 4x faster generation speed, making image creation and iteration much more usable,” the company wrote.
“This marks a shift from novelty image generation to practical, high-fidelity visual creation — turning ChatGPT into a fast, flexible creative studio for everyday edits, expressive transformations, and real-world use.”
CHINESE HACKERS WEAPONIZE ANTHROPIC’S AI IN FIRST AUTONOMOUS CYBERATTACK TARGETING GLOBAL ORGANIZATIONS
The OpenAI GPT-5 logo appears on a smartphone screen and as a background on a laptop screen in this photo illustration in Athens, Greece. (Nikolas Kokovlis/NurPhoto via Getty Images)
The announcement comes just weeks after OpenAI CEO Sam Altman declared a “code red” in a memo within his company to improve the quality of ChatGPT.
In the document, Altman said OpenAI has more work to do on enhancing the day-to-day experience of its chatbot, such as allowing it to answer a wider range of questions and improving its speed, reliability and personalization features for users, according to The Wall Street Journal.
The reported company-wide memo from Altman comes as competitors have narrowed OpenAI’s lead in the AI race. Google last month released a new version of its Gemini model that surpassed OpenAI on industry benchmark tests.
GOOGLE CEO CALLS FOR NATIONAL AI REGULATION TO COMPETE WITH CHINA MORE EFFECTIVELY
The OpenAI logo Feb. 16, 2025 (Reuters/Dado Ruvic)
To focus on the “code red” effort to improve ChatGPT, OpenAI will be pushing back work on other initiatives, such as a personal assistant called Pulse, advertising and AI agents for health and shopping, Altman said in the memo, according to the Journal.
Altman also said the company would have a daily call among those responsible for enhancing ChatGPT, the newspaper added.
“Our focus now is to keep making ChatGPT more capable, continue growing, and expand access around the world — while making it feel even more intuitive and personal,” Nick Turley, the head of ChatGPT, wrote on X Monday night.
OpenAI CEO Sam Altman speaks during the Federal Reserve’s Integrated Review of the Capital Framework for Large Banks Conference in Washington, D.C., July 22, 2025. (Reuters/Ken Cedeno)
OpenAI currently isn’t profitable and has to raise funding to survive compared to competitors like Google, which can fund investments in their AI ventures through revenue, the Journal reported.
I never felt done with my Animal Crossing: New Horizons island. Despite playing every day for two years, and racking up 1,700 hours of playtime, I somehow never finished decorating. I had plenty of ideas for my island, sure, but actually implementing them was another story: The decorating and terraforming systems that helped make New Horizons a huge success are also slow, manual, and cumbersome, and my patience for decorating and redecorating had finally worn thin.
Fast-forward a few years, and a very much unexpected update is coming to finally fix some of those pain points. Update 3.0 is launching on January 15th, 2026, alongside the Switch 2 Edition of New Horizons. And while the paid Switch 2 upgrade has some nice-to-haves (like Joy-Con 2 mouse controls for indoor decorating), it’s the free update that brings all the key new features.
I recently attended a virtual preview for the New Horizons upgrade and update, and there are two caveats: I have not yet played either the Switch 2 version or the new free content myself, and it’s hard to gauge the quality of the Switch 2 version’s visual and performance improvements over a Zoom call. (I still have some unanswered questions about the biggest performance issues on the original Switch, like the choppy frame rate on more densely decorated islands.) But seeing the 3.0 additions in action, it was easy to imagine myself finishing my island — or at least an island.
As shown in the October announcement trailer, update 3.0 makes much-needed quality-of-life fixes. You’ll finally be able to craft multiple items at once, and crafting will pull materials from your overall storage instead of your pockets, meaning you won’t have to do a bunch of inventory management just to craft some decor. Then there’s Resetti’s Reset Service, which can help you clean up entire sections of your island instantly so you don’t have to pick everything up individually in order to redecorate. Some players also noticed a very subtle but potentially impactful change to movement while terraforming that should hopefully make it a smoother process. And then, as if to show off those decorating improvements, Nintendo also added Slumber Islands.
Not to be confused with dreams, New Horizons’ online island-sharing feature, Slumber Islands are extra sandboxes for you to decorate and play with, where you can set the time of day and the weather and magically conjure up any item you have in your in-game catalog to decorate with, similar to the Happy Home Paradise DLC. You can build bridges and inclines instantly by talking to Lloid, rather than going through Tom Nook and waiting (or time traveling) a day. And while it seems like terraforming works the same on Slumber Islands, the apparent addition of strafing while terraforming — instead of having to constantly reorient yourself manually — should help at least a little bit. (It’s the first thing I’m going to test on January 15th, that’s for sure.)
For me, the worst part of decorating in New Horizons was having an idea, ordering all the furniture I’d need for it over the course of days, testing out the design, realizing it did not look the way I envisioned, and facing the tedious process of breaking it all down and starting over again brick by brick — or, at the very least, having to push and pull objects around for a while to see if I could make it work. The design process I saw on Nintendo’s Slumber Island during the preview, meanwhile, seemed quicker and smoother. Trying out an idea or aesthetic in that environment doesn’t sound like such a tall order.
Without any hands-on time, I can’t say if it will actually be noticeably easier to design and decorate with the 3.0 update. But I’m excited by the idea that I can go to my Slumber Island scratch pad and try out my designs before committing to them (and the cost in bells to get it all done) on my main island. And maybe, if I really like how it feels to decorate, I’ll make an entire Halloween-themed Slumber Island — the kind of island I’ve wanted to make for years but never did on my main island, where the seasons continue to change and actively ruin the vibe.
Denver weather: Strong wind and increased fire danger Wednesday
Las Vegas and Seattle are the front-runners if NBA expansion to 32 teams happens
100-unit affordable housing community ‘The Iris’ opens in San Ysidro
Milwaukee woman claims predatory towing left her with hundreds in fees after apartment complex confusion
Charlotte hosts Atlanta following overtime win against Cleveland
Florida High School Football Rankings: Top 25 teams – Oct. 21
Cleary's 21 help Le Moyne down Central Connecticut State 69-64 in OT
How old is Bo Nix? What to know about Oregon quarterback ahead of 2024 NFL Draft
99th annual Pony Swim held in Virginia
Video: ‘It Didn’t Have to Happen This Way:’ U.Va. Faculty Call for Review of Police Response to Protests
Video: Prosecutors Charge Nick Reiner With Murdering His Parents
HHS probes Minnesota’s use of billions in federal social service funds amid fraud concerns: report
Thousands of dinosaur footprints discovered on rock faces in northern Italy
Nick Reiner will be charged with first degree murder in his parents’ killing
DA: Nick Reiner will be charged with first-degree murder in deaths of Rob & Michele Reiner
-
Iowa2 days agoAddy Brown motivated to step up in Audi Crooks’ absence vs. UNI
-
Washington1 week agoLIVE UPDATES: Mudslide, road closures across Western Washington
-
Iowa1 week agoMatt Campbell reportedly bringing longtime Iowa State staffer to Penn State as 1st hire
-
Iowa4 days agoHow much snow did Iowa get? See Iowa’s latest snowfall totals
-
Cleveland, OH1 week agoMan shot, killed at downtown Cleveland nightclub: EMS
-
World1 week ago
Chiefs’ offensive line woes deepen as Wanya Morris exits with knee injury against Texans
-
Technology6 days agoThe Game Awards are losing their luster
-
Maine15 hours agoElementary-aged student killed in school bus crash in southern Maine
