The most recent incarnation of the infamous BreachForums hacking discussion board has suffered a knowledge breach, with its consumer database desk leaked on-line.
BreachForums is the identify of a collection of hacking boards used to commerce, promote, and leak stolen information, in addition to promote entry to company networks and different unlawful cybercrime providers.
The positioning was launched after the primary of those boards, RaidForums, was seized by legislation enforcement, with the proprietor, “All-powerful”, arrested.
Whereas BreachForums has suffered information breaches and police actions in the previous, it has been repeatedly relaunched beneath new domains, with some accusing it of now being a honeypot for legislation enforcement.
Yesterday, a web site named after the ShinyHunters extortion gang launched a 7Zip archive named breachedforum.7z.
This archive comprises three information named:
- shinyhunte.rs-the-story-of-james.txt
- databoose.sql
- breachedforum-pgp-key.txt.asc
A consultant of the ShinyHunters extortion gang instructed BleepingComputer they aren’t affiliated with the positioning that distributed this archive.
The archive’s ‘breachedforum-pgp-key.txt.asc’ file is the PGP non-public key created on July 25, 2023, and utilized by BreachForums to signal official messages from the directors. Whereas the important thing has been leaked, it’s passphrase-protected, and with out the password, it may’t be abused to signal messages.
Supply: BleepingComputer
The “databoose.sql” file is a MyBB customers database desk (mybb_users) containing 323,988 member information that embody member show names, registration dates, IP addresses, and different inside info.
BleepingComputer’s evaluation of the desk exhibits that the majority of the IP addresses map again to a neighborhood loopback IP deal with (0x7F000009/127.0.0.9), so they aren’t of a lot use.
Nevertheless, 70,296 information don’t include the 127.0.0.9 IP deal with, and the information we examined map to a public IP deal with. These public IP addresses might be an OPSEC concern for these folks and precious to legislation enforcement and cybersecurity researchers.
The final registration date within the newly leaked consumer database is from August 11, 2025, which is identical day that the earlier BreachForums at breachforums[.]hn was closed. This shutdown adopted the arrest of a few of its alleged operators.
That very same day, a member of the ShinyHunters extortion gang posted a message on the “Scattered Lapsus$ Hunters” Telegram channel, claiming the discussion board was a law-enforcement honeypot. The BreachForums directors subsequently denied these allegations.
The breachforums[.]hn area was later seized by legislation enforcement in October 2025 after it was repurposed to extort firms impacted by the widespread Salesforce information theft assaults carried out by the ShinyHunters extortion group.
The present BreachForums administrator, often known as “N/A,” has acknowledged the brand new breach, stating {that a} backup of the MyBB consumer database desk was briefly uncovered in an unsecured folder and downloaded solely as soon as.
“We wish to deal with current discussions relating to an alleged database leak and clearly clarify what occurred,” N/A wrote on BreachForums.
“To begin with, this isn’t a current incident. The information in query originates from an previous users-table leak relationship again to August 2025, in the course of the interval when BreachForums was being restored/recovered from the .hn area.”
“Throughout the restoration course of, the customers desk and the discussion board PGP key had been briefly saved in an unsecured folder for a really quick time frame. Our investigation exhibits that the folder was downloaded solely as soon as throughout that window,” continued the administrator.
Whereas the administrator stated that BreachForums members ought to use disposable e mail addresses to cut back danger and that the majority IP addresses mapped to native IPs, the database nonetheless comprises info that might be of curiosity to legislation enforcement.
It is price range season! Over 300 CISOs and safety leaders have shared how they’re planning, spending, and prioritizing for the 12 months forward. This report compiles their insights, permitting readers to benchmark methods, establish rising traits, and evaluate their priorities as they head into 2026.
Find out how high leaders are turning funding into measurable impression.
