BreachForums Data Leak Exposes Extensive Member Information

An impressive collection of personal details of over 212,000 members of the notorious BreachForums v1 hacking forum was recently leaked online.

The breach, attributed to the infamous threat actor Emo, involved the leakage of extensive personal records of the hacking forum members, including user IDs, email addresses, login names and IP addresses.

Cybersecurity Ramifications

This breach provides cybersecurity experts and law enforcement with a trove of data that could prove instrumental in combating cybercrime.

By analyzing the database, professionals can hone their understanding of cybercriminal networks, potentially leading to more targeted and effective measures against threat actors.

The leaked data could help build extensive profiles of threat actors, leading to better mitigation of future cyber threats. It could also allow security researchers and authorities to connect BreachForums members to other sites, ascertain geographical positions, and potentially link their real identities.

BreachForums’ Creator Previously Tried to Sell the Database

BreachForums was a successor to RaidForums, founded by Conor Fitzpatrick, also known as “Pompompurin,” who has tangled with the law himself.

As BleepingComputer reported, Emo got the leaked database directly from Fitzpatrick, who allegedly tried to sell it last year for $4,000 while out on bail. According to Emo, the data was eventually purchased by three other threat actors.

Two-Year-Old Backup Led to Massive Data Leak

The data allegedly originates from a November 2022 BreachForums database backup that Fitzpatrick uploaded to his MEGA account. The backup was manually exported in a tab-separated format instead of the traditional MyBB database format, indicating a deliberate effort to preserve the data discreetly.

Further complicating the matter, Fitzpatrick was re-arrested in January 2024 for breaching the terms of his pre-trial release by using an unauthorized computer and a VPN, raising suspicions of ongoing involvement in cybercrime.