Wednesday , June 4 2025

Original BreachForums Breached, users PII Data sold Online

The stolen database from the compromised website, BreachForums, has resurfaced, and its remnants are now available for purchase under the name “breached_db_person.” The public has been granted access to extremely sensitive information, including the US No Fly List, FBI’s InfraGard, DC Health Link with Members of Congress data, and much more, through this compromised forum.

Over 4,000 users’ personal details were disclosed in the recent breach of the new BreachForums clone controlled by a group called Shiny Hunters. The database that was stolen contains an impressive 212,000 records, consisting of usernames, IP and email addresses, private messages, as well as hashed passwords.

New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries

In March 2025, the Threatfabric mobile Threat Intelligence team identified Crocodilus, a new Android banking Trojan designed for device takeover....
Read More
New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries

Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks

Qualcomm has issued security patches for three zero-day vulnerabilities in the Adreno GPU driver, affecting many chipsets that are being...
Read More
Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks

Critical RCE Flaw Patched in Roundcube Webmail

Roundcube Webmail has fixed a critical security flaw that could enable remote code execution after authentication. Disclosed by security researcher...
Read More
Critical RCE Flaw Patched in Roundcube Webmail

Hacker claim Leak of Deloitte Source Code & GitHub Credentials

A hacker known as "303" claim to breach the company's systems and leaked sensitive internal data on a dark web...
Read More
Hacker claim Leak of Deloitte Source Code & GitHub Credentials

CISA Issued Guidance for SIEM and SOAR Implementation

CISA and ACSC issued new guidance this week on how to procure, implement, and maintain SIEM and SOAR platforms. SIEM...
Read More
CISA Issued Guidance for SIEM and SOAR Implementation

Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora

The Qualys Threat Research Unit (TRU) found two local information-disclosure vulnerabilities in Apport and systemd-coredump. Both issues are race-condition vulnerabilities....
Read More
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora

Australia enacts mandatory ransomware payment reporting

New ransomware payment reporting rules take effect in Australia yesterday (May 30) for all organisations with an annual turnover of...
Read More
Australia enacts mandatory ransomware payment reporting

Why Govt Demands Foreign CCTV Firms to Submit Source Code?

Global makers of surveillance gear have clashed with Indian regulators in recent weeks over contentious new security rules that require...
Read More
Why Govt Demands Foreign CCTV Firms to Submit Source Code?

CVE-2023-39780
Botnet hacks thousands of ASUS routers

GreyNoise has discovered a campaign where attackers have gained unauthorized access to thousands of internet-exposed ASUS routers. This seems to...
Read More
CVE-2023-39780  Botnet hacks thousands of ASUS routers

Bangladesh Bank instructed using AI to prevent online gambling

The rise of online gambling in the country is leading to increased crime and societal issues. In response, the central...
Read More
Bangladesh Bank instructed using AI to prevent online gambling

ALSO READ:

“Digital Bank” application time extended

According to recent reports, the 2 GB file shared by the person responsible for breaching the database contains extensive data tables that include comprehensive information about member databases, private messages, and payment transactions. The information available has the potential to unveil previous breaches and pinpoint the culprits behind these assaults.

There is compelling evidence indicating a connection between payment information and forum rankings, as well as credit purchases. This raises concerns about the financial consequences for the users involved.

The stolen data’s legitimacy has been verified by “Have I Been Pwned,” a central repository that tracks online breaches and exploits. Our service has incorporated the BreachForums data into our database to provide users with the opportunity to verify whether their login credentials have been compromised. The person who did the bad thing and sold the database even shared it with “Have I Been Pwned” to prove that it was real and trustworthy for people who might want to buy it.

While the stolen data from BreachForums is indeed up for sale, the price to acquire it is truly astounding. With sellers asking anywhere from $100,000 to $150,000, obtaining the complete database snapshot from November 29th, 2022 is an investment not to be taken lightly.

It is crucial to take heed of the warnings issued by security experts and law enforcement agencies, who strongly discourage any attempts to obtain or utilize stolen information. By engaging in such actions, you are not only aiding criminal activities but also fueling an ongoing cycle of cybercrime. This can have severe consequences, as innocent individuals who have had their data compromised may suffer significant harm.

Check Also

CCTV

Why Govt Demands Foreign CCTV Firms to Submit Source Code?

Global makers of surveillance gear have clashed with Indian regulators in recent weeks over contentious …

Leave a Reply

Your email address will not be published. Required fields are marked *