Excerpt from BleepingComputer Article, Published on July 24, 2024.
The private information of BreachForums v1 members from 2022 has been leaked online, exposing users’ data to threat actors and researchers. BreachForums, created by Pompompurin after the FBI seized RaidForums in 2022, quickly became a hub for trading and leaking stolen data. The forum gained notoriety for leaking data from D.C. Health Link, RobinHood, and Twitter.
In March 2023, the FBI arrested the forum’s owner, Conor Fitzpatrick, aka Pompompurin. Following his arrest, multiple versions of the forum emerged, and the latest is still operational. Recently, a threat actor named Emo leaked the personal information of 212,414 members of BreachForums 1.0. Emo claims the data originated from Fitzpatrick, who allegedly tried to sell it in June 2023.
The leaked data includes user IDs, login names, email addresses, registration IP addresses, and the last used IP addresses. Researchers and law enforcement can use this information to link members to other sites, their geographic locations, and potentially their real identities.
The database leak mirrors the RaidForums data breach in May 2023, which exposed the information of 478,000 members. While law enforcement likely already possesses the BreachForums data, it remains valuable for security researchers profiling threat actors.
This BreachForums data leak highlights the ongoing risks and challenges in the cybersecurity landscape. Users of hacking forums face exposure and legal consequences, and these incidents serve as reminders of the importance of data security and the vigilance required to protect sensitive information.
By leveraging the leaked data, authorities and researchers aim to enhance their understanding of threat actors and strengthen cybersecurity measures. The BreachForums data leak underscores the need for robust cybersecurity practices and the continuous monitoring of online threats.
To delve deeper into this topic, please read the full article on BleepingComputer.