InfoSecBulletin Cybersecurity for mankind
The stolen database from the compromised website, BreachForums, has resurfaced, and its remnants are now available for purchase under the name “breached_db_person.” The public has been granted access to extremely sensitive information, including the US No Fly List, FBI’s InfraGard, DC Health Link with Members of Congress data, and much more, through this compromised forum.
Over 4,000 users’ personal details were disclosed in the recent breach of the new BreachForums clone controlled by a group called Shiny Hunters. The database that was stolen contains an impressive 212,000 records, consisting of usernames, IP and email addresses, private messages, as well as hashed passwords.
“Forces Penpals” exposed US and UK Military Social Network’s 1 Million Records
CVE-2024-51503
Trend Micro released updates for Deep Security Agent RCE
Apple Releases Patch for two Actively Exploited Zero-Day
Maxar Space Data Leak, Company admit, Investigation ongoing!
GitHub CLI Vulnerability Could Allow RCE
“Sarcoma” ransomware group
Hacker to disclose “Popular Life Insurance” 36 GB of stolen data
BugHunt 2024: A Milestone Cyber security Competition held at Dhaka
TP-Link DHCP Vulnerability Allow Attackers Takeover Routers Remotely
WSJ reports
T-Mobile hacked in massive breach of telecom networks
Palo Alto Networks Confirms critical RCE zero-day actively exploited
ALSO READ:
According to recent reports, the 2 GB file shared by the person responsible for breaching the database contains extensive data tables that include comprehensive information about member databases, private messages, and payment transactions. The information available has the potential to unveil previous breaches and pinpoint the culprits behind these assaults.
There is compelling evidence indicating a connection between payment information and forum rankings, as well as credit purchases. This raises concerns about the financial consequences for the users involved.
The stolen data’s legitimacy has been verified by “Have I Been Pwned,” a central repository that tracks online breaches and exploits. Our service has incorporated the BreachForums data into our database to provide users with the opportunity to verify whether their login credentials have been compromised. The person who did the bad thing and sold the database even shared it with “Have I Been Pwned” to prove that it was real and trustworthy for people who might want to buy it.
While the stolen data from BreachForums is indeed up for sale, the price to acquire it is truly astounding. With sellers asking anywhere from $100,000 to $150,000, obtaining the complete database snapshot from November 29th, 2022 is an investment not to be taken lightly.
It is crucial to take heed of the warnings issued by security experts and law enforcement agencies, who strongly discourage any attempts to obtain or utilize stolen information. By engaging in such actions, you are not only aiding criminal activities but also fueling an ongoing cycle of cybercrime. This can have severe consequences, as innocent individuals who have had their data compromised may suffer significant harm.
