HQ/EMEAFind out how we can help your business
Members of the hacker forum BreachForums v1 since 2022 have suffered data exposure, enabling threat actors and researchers to identify the participants.
Several platforms have used BreachForums, all dedicated to developing an ecosystem of collectors and threat actors who trade, sell, and leak data acquired or stolen from compromised entities.
The first data breach forum to gain traction among hackers and researchers was RaidForums. However, an infamous threat actor, Pompompurin, has recreated and renamed it BreachForums after the FBI seized the platform in 2022.
This forum immediately gained popularity as threat actors immediately disclosed enormous amounts of stolen data, including data from the United States. D.C., the healthcare provider for Congress Health Link, RobinHood, and Twitter data.
However, just after D.C. After Health Link data was released, the FBI arrested the forum’s owner, Conor Fitzpatrick, also known as Pompompurin, in March 2023. Subsequently, authorities quickly established multiple instances of the forum and confiscated them. ShinyHunters launched the most recent incarnation (which has since been passed on to other administrators) and is still operational today.
Researchers named the platform that suffered an information leak BreachForums v1, as multiple sites use the same name. The new name confirms that the site is the platform founded by Pompompurin in 2022, which the FBI confiscated this year.
A threat actor named Emo has confirmed the legitimacy of the BreachForums v1 leak.
According to a well-known threat actor named Emo, the leaked personal information of BreachForums v1 has impacted about 212,414 members. This hacker also confirmed that it acquired the information directly from Pompompurin, who allegedly tried to sell it for $4,000 in June 2023 while on bail.
Additionally, Emo claims that three threat actors/groups finally purchased the BreachForums data. The leaked data comes from a November 2022 BreachForums database backup last published to Fitzpatrick’s MEGA account.
The confirmed exposed data includes a forum member’s user ID, login name, email address, registration IP address, and the last IP address used to browse the platform. Therefore, members of the BreachForums platform are likely aware of the risk of the leak, especially now that a reliable source has claimed that it already landed in the hands of malicious entities.
