InfoSecBulletin Cybersecurity for mankind
The stolen database from the compromised website, BreachForums, has resurfaced, and its remnants are now available for purchase under the name “breached_db_person.” The public has been granted access to extremely sensitive information, including the US No Fly List, FBI’s InfraGard, DC Health Link with Members of Congress data, and much more, through this compromised forum.
Over 4,000 users’ personal details were disclosed in the recent breach of the new BreachForums clone controlled by a group called Shiny Hunters. The database that was stolen contains an impressive 212,000 records, consisting of usernames, IP and email addresses, private messages, as well as hashed passwords.
Cisco released security updates for two critical security flaws
OpenBAS: Cutting-edge breach and attack simulation platform
Critical Security Flaws Patched in Zyxel Networking Devices
CVE-2024-38811: CEV In VMware Fusion Unveiled
CERT-IN Warns Vulnerabilities in Palo Alto Networks applications
How Malaysia’s Data Centre Industry Poised for Growth
RansomHub exfiltrated data over 210 victims: US alert
Godzilla Fileless Backdoor Exploits Atlassian Confluence flaw
New Cicada ransomware targets VMware ESXi servers
Monday hits two UK bank apps causes outages
ALSO READ:
According to recent reports, the 2 GB file shared by the person responsible for breaching the database contains extensive data tables that include comprehensive information about member databases, private messages, and payment transactions. The information available has the potential to unveil previous breaches and pinpoint the culprits behind these assaults.
There is compelling evidence indicating a connection between payment information and forum rankings, as well as credit purchases. This raises concerns about the financial consequences for the users involved.
The stolen data’s legitimacy has been verified by “Have I Been Pwned,” a central repository that tracks online breaches and exploits. Our service has incorporated the BreachForums data into our database to provide users with the opportunity to verify whether their login credentials have been compromised. The person who did the bad thing and sold the database even shared it with “Have I Been Pwned” to prove that it was real and trustworthy for people who might want to buy it.
While the stolen data from BreachForums is indeed up for sale, the price to acquire it is truly astounding. With sellers asking anywhere from $100,000 to $150,000, obtaining the complete database snapshot from November 29th, 2022 is an investment not to be taken lightly.
It is crucial to take heed of the warnings issued by security experts and law enforcement agencies, who strongly discourage any attempts to obtain or utilize stolen information. By engaging in such actions, you are not only aiding criminal activities but also fueling an ongoing cycle of cybercrime. This can have severe consequences, as innocent individuals who have had their data compromised may suffer significant harm.
