BreachForums Hacked: 324,000 Accounts Exposed in Irony-Laden Cyberattack
In a striking twist, BreachForums, a notorious hacking forum used to trade stolen data and cybercrime tools, was itself breached, exposing approximately 324,000 user accounts. The incident, reported by Bleeping Computer, involved an SQL file containing usernames, registration details, and IP addresses, which surfaced on a site linked to the ShinyHunters extortion gang.
Of the compromised accounts, 70,296 included public IP addresses, potentially enabling law enforcement to identify and track malicious actors. The breach occurred during a domain migration, with BreachForums’ administrator attributing the leak to an "unsecured folder" left vulnerable during the transition.
Adding to the irony, ShinyHunters alleged that BreachForums was a "honeypot", a fake platform operated by law enforcement to ensnare cybercriminals. This isn’t the forum’s first breach; it has faced repeated security failures in the past.
BreachForums, a hub for hackers selling illicit data and tools, was seized by authorities on August 11, 2025, before resurfacing under a new domain. The latest breach underscores the persistent vulnerabilities in even the most infamous cybercrime platforms.
Source: https://www.notebookcheck.net/Hacker-database-gets-hacked-leaks-324-000-accounts.1202760.0.html
HackRead Media cybersecurity rating report: https://www.rankiteo.com/company/hackread
"id": "HAC1768245488",
"linkid": "hackread",
"type": "Breach",
"date": "8/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '324,000 accounts',
'industry': 'Cybercrime Marketplace',
'name': 'BreachForums',
'type': 'Hacking Forum'}],
'attack_vector': 'Unsecured folder during domain migration',
'data_breach': {'data_exfiltration': 'Yes (SQL file, text file, PGP key file '
'leaked)',
'file_types_exposed': ['SQL', 'Text', 'PGP key'],
'number_of_records_exposed': '324,000',
'personally_identifiable_information': 'IP addresses, '
'usernames',
'sensitivity_of_data': 'High (public IP addresses could lead '
'to user identification)',
'type_of_data_compromised': ['Usernames',
'IP addresses',
'Registration dates']},
'description': 'BreachForums, an infamous forum used by hackers to distribute '
'leaked and stolen data, suffered a data breach compromising '
'roughly 324,000 accounts. The breach included usernames, IP '
'addresses, and registration dates, with some public IP '
'addresses that could be used by law enforcement to track '
'malicious actors. The breach was claimed by ShinyHunters, who '
"alleged BreachForums was a 'honeypot' for law enforcement.",
'impact': {'brand_reputation_impact': 'Severe, given the nature of the forum '
'and repeated breaches',
'data_compromised': 'Usernames, IP addresses, registration dates',
'identity_theft_risk': 'High for affected users due to exposed IP '
'addresses and usernames',
'operational_impact': 'Compromised user trust, potential law '
'enforcement tracking of malicious actors',
'systems_affected': 'BreachForums website and database'},
'lessons_learned': 'Unsecured storage of sensitive data during migrations can '
'lead to breaches. Repeated breaches undermine trust in '
'cybercrime platforms.',
'motivation': 'Extortion, Alleged Law Enforcement Honeypot Exposure',
'post_incident_analysis': {'corrective_actions': 'Secure data storage '
'practices, encryption of '
'sensitive data, enhanced '
'monitoring',
'root_causes': 'Unsecured folder during domain '
'migration, lack of encryption for '
'sensitive data'},
'recommendations': 'Implement secure data handling practices during '
'migrations, enforce encryption for sensitive data, and '
'enhance monitoring for unauthorized access.',
'references': [{'source': 'Bleeping Computer'}],
'response': {'communication_strategy': 'Administrator acknowledged unsecured '
'folder during migration',
'recovery_measures': 'Migration to a new domain'},
'threat_actor': 'ShinyHunters',
'title': 'BreachForums Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Unsecured storage of sensitive data'}