Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
X, The Moonshot Factory

X, The Moonshot Factory Vendor Cyber Rating & Cyber Score

x.company
in
Add Your Compliance Badge
ISO 27001
SOC 2 Type 1
SOC 2 Type 2
PCI DSS
HIPAA
GDPR

We create breakthrough technologies to help solve some of the world’s biggest problems. Born at Google, we got our start creating self-driving cars and smart glasses. Since then, we’ve continued to bring sci-fi ideas into reality.


XMF A.I CyberSecurity Scoring

Incident Details
XMF
Company Information
Website:https://x.company
Employees number:3,030
Number of followers:183,905
NAICS:
Industry Type:Research
Homepage:x.company
Cyber Premium EstimationGet Supply Chain
XMF Risk Score (AI oriented)
Between 600 and 649
logo
XMFResearch
Updated:
02/04/2026
646/1000
Poor
Caa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
XMF Global Score (TPRM)
xxxx
logo
XMFResearch
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

XMF
XMFPoor
Current Score
646Caa (POOR)
01000
1 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JUNE 2026
652Before Incident
MAY 2026
649Before Incident
APRIL 2026
648Before Incident
MARCH 2026
640Before Incident
FEBRUARY 2026
643Before Incident
JANUARY 2026
640Before Incident
DECEMBER 2025
630Before Incident
NOVEMBER 2025
628Before Incident
OCTOBER 2025
627Before Incident
SEPTEMBER 2025
624Before Incident
AUGUST 2025
621Before Incident
JULY 2025
618Before Incident
JUNE 2025
768Before Incident
Breach
16 Jun 2025XMF
X (formerly Twitter)

The Shadow Breach: X’s 2025 Data Catastrophe and the Erosion of Digital Trust

614After Incident
CRITICAL-154
X19101619112425
In 2025, X suffered a catastrophic data breach stemming from misconfigured backend systems and insider threats during layoffs. Over 200 million user records (later expanded to 2.8 billion records totaling 400GB) were exposed, including emails, bios, follower counts, user IDs, locations, and interaction histories. The leak originated from legacy Twitter infrastructure clashing with new AI-driven features (e.g., Grok AI), bypassing privacy controls and enabling public API access to private data. Opportunistic scrapers and disgruntled employees exploited the vulnerability, fueling black-market data sales. The breach triggered regulatory investigations (GDPR, FTC), advertiser pullbacks, class-action lawsuits, and user migration due to eroded trust. Financial losses included $285,000/hour during outages, with long-term reputational and legal costs projected in the billions. The incident underscored systemic failures in access controls, transparency, and AI integration, amplifying calls for federal privacy reforms.
INCIDENT DETAILS -
TYPE
Data BreachInsider ThreatMisconfiguration
MOTIVATION
Financial Gain (Black Market Data Sales)Retaliation (Insider Threat)
IMPACT
Financial Loss: $285,000 per hour during outages (November 2025); potential billions in GDPR finesUser IDsLocationsInteraction HistoriesEmailsBiosFollower CountsMetadataPublic APIsBackend Developer ToolsAI-Driven Features (e.g., Grok AI)Downtime: Intermittent outages reported (e.g., March 2025 DDoS-like incident)Operational Impact: Advertiser pullback, regulatory investigations, loss of user trustRevenue Loss: Significant (exact figures undisclosed, but outages alone cost $285K/hour)Customer Complaints: Widespread user backlash, migration to competitor platformsBrand Reputation Impact: Severe erosion of trust, criticism over transparency and security practicesPotential GDPR fines (billions)Class-action lawsuitsFTC consent decreesIdentity Theft Risk: High (exposed PII sold on black market)
DATA BREACH
Personally Identifiable Information (PII)MetadataUser Interaction HistoriesEmailsBiosFollower CountsLocationsNumber Of Records Exposed: 200 million (confirmed); up to 2.8 billion (alleged)Sensitivity Of Data: High (includes PII, location data, and private interactions)Data Exfiltration: Yes (harvested by scrapers and insider(s))Data Encryption: No (data was exposed in plaintext via APIs)API logsUser databasesMetadataPersonally Identifiable Information: Yes (emails, user IDs, locations, bios)
REFERENCES
Blog URLSource URL

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for XMF ?
?
What was XMF's A.I Rankiteo Cyber Score in May 2026 ?
?
What was XMF's A.I Rankiteo Cyber Score in April 2026 ?
?
What was XMF's A.I Rankiteo Cyber Score in March 2026 ?
?
What was XMF's A.I Rankiteo Cyber Score in February 2026 ?
?
What was XMF's A.I Rankiteo Cyber Score in January 2026 ?
?
What was XMF's A.I Rankiteo Cyber Score in December 2025 ?
?
What was XMF's A.I Rankiteo Cyber Score in November 2025 ?
?
What was XMF's A.I Rankiteo Cyber Score in October 2025 ?
?
What was XMF's A.I Rankiteo Cyber Score in September 2025 ?
?
What was XMF's A.I Rankiteo Cyber Score in August 2025 ?
?
What was XMF's A.I Rankiteo Cyber Score in July 2025 ?
?
What is the average per-incident point impact on XMF's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with XMF ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view XMF's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?