Elon Musk’s social media platform, X, experienced widespread outages on Monday, with the billionaire attributing the disruption to a cyberattack originating from Ukraine. While the specifics remain unclear, Musk claimed during an interview on Fox Business that the attack aimed to bring down X’s system.
“We’re not sure exactly what happened,” Musk said. “But there was a massive cyberattack to try to bring down the X system, with IP addresses originating in the Ukraine area.”
He did not elaborate on whether the attack was connected to the Ukrainian government or if it was carried out by independent hackers. Cybersecurity experts caution that IP addresses can be spoofed, making it difficult to determine the true origin of an attack. It is not uncommon for hackers to disguise their locations, using virtual private networks (VPNs) or compromised devices in other countries to mislead investigators.
Reports of service disruptions began around 6 a.m. ET, with outage tracking site DownDetector recording 20,538 user complaints. After a brief respite, a second wave hit at 10 a.m., with nearly 40,000 reports. The disruptions gradually subsided in the afternoon, and by the 4 p.m. ET hour, Musk confirmed that X was operational again.
The global nature of the outage was evident from DownDetector’s international reports, which showed disruptions in various countries. Users on the platform complained that X would not load, while others experienced slow functionality and partial access. Some speculated that the incident was a routine technical failure, while others supported Musk’s claim of a coordinated cyberattack.
DownDetector relies on self-reported data, meaning the exact scale of the outage remains uncertain. CNN reached out to X for an official response, but the company has a longstanding policy of not engaging with media inquiries.
Musk, known for his direct engagement on X, suggested that “a large, coordinated group and/or a country” was behind the attack. He also responded affirmatively to a user who speculated that certain entities were attempting to silence him and his platform. However, without concrete evidence linking the attack to a specific group, his claims remain speculative.
Cybersecurity expert Eric Noonan, CEO of CyberSheath, advised caution in drawing conclusions too soon.
“One of the things that should always be taken with a grain of salt is any statements made in the short period of time, immediately after, or even in this case during an attack,” Noonan said.
This is not the first time Musk has linked technical difficulties to cyberattacks. In August 2024, when his conversation with Donald Trump on X was delayed by 42 minutes, he speculated that a distributed denial-of-service (DDoS) attack was responsible. DDoS attacks overwhelm servers with fake traffic, causing disruptions, though no concrete evidence was provided at the time.
Similarly, in 2023, technical issues plagued Florida Governor Ron DeSantis’ presidential campaign announcement on X, though no cyberattack was officially blamed.
DDoS attacks are designed to create disruptions, but other forms of cyberattacks, such as ransomware, have become more prevalent due to their financial incentives. In a ransomware attack, hackers encrypt critical data and demand payment in exchange for restoring access. While ransomware is primarily motivated by financial gain, DDoS attacks are often used for political or ideological purposes.
Musk’s takeover of X, formerly known as Twitter, in 2022 marked a period of sweeping changes and cost-cutting measures. He quickly dismissed the company’s top executives and, within days, laid off around 3,500 employees—approximately half of Twitter’s workforce. In the months that followed, X reduced its staff by 80% and mandated a return-to-office policy for remaining employees.
Critics argue that these drastic staff reductions have weakened X’s ability to maintain a stable and secure platform. With fewer engineers and cybersecurity personnel, the company may be more vulnerable to cyberattacks and technical failures. Some experts believe that the recurring glitches and outages on X are a direct consequence of these cost-cutting measures.
Monday’s outage added to the list of technical challenges under Musk’s leadership. Since acquiring X, he has implemented numerous changes, including rebranding the platform, altering its algorithm, and introducing new monetization strategies. However, these changes have been accompanied by frequent disruptions and user dissatisfaction.
The turmoil extended beyond X, affecting Musk’s other business interests. Tesla’s stock took a sharp 15% plunge on Monday, wiping out the gains it had accumulated since Donald Trump’s re-election in November 2024. This decline has raised concerns among investors about the broader stability of Musk’s ventures.
While Tesla has faced challenges related to supply chain disruptions and increasing competition in the electric vehicle market, the stock drop on Monday suggests that market confidence in Musk’s leadership may be wavering. Some analysts speculate that Musk’s focus on X has distracted him from Tesla’s core operations, contributing to the company’s declining performance.
As investigations into the cyberattack continue, questions remain about whether X’s security infrastructure can withstand future threats and whether Musk’s claims about Ukraine’s involvement hold any merit. If the attack was indeed state-sponsored, it could escalate geopolitical tensions, particularly given the ongoing conflict between Ukraine and Russia.
Regardless of the source of the attack, X’s latest outage highlights the vulnerabilities of modern digital platforms. With social media playing a critical role in global communication, disruptions of this magnitude raise concerns about cybersecurity preparedness. Whether the attack was the work of a nation-state, an independent hacking group, or simply a technical failure, X’s response in the coming days will be closely scrutinized.
For Musk, the challenge now is to restore confidence in X’s reliability while addressing the broader concerns surrounding cybersecurity and platform stability. Whether he will take further measures to reinforce X’s security infrastructure remains to be seen. In the meantime, the platform’s users, investors, and cybersecurity experts will be watching closely for any new developments.
