InfoSecBulletin Cybersecurity for mankind
The stolen database from the compromised website, BreachForums, has resurfaced, and its remnants are now available for purchase under the name “breached_db_person.” The public has been granted access to extremely sensitive information, including the US No Fly List, FBI’s InfraGard, DC Health Link with Members of Congress data, and much more, through this compromised forum.
Over 4,000 users’ personal details were disclosed in the recent breach of the new BreachForums clone controlled by a group called Shiny Hunters. The database that was stolen contains an impressive 212,000 records, consisting of usernames, IP and email addresses, private messages, as well as hashed passwords.
16,000+ Fortinet devices compromised with symlink backdoor, Mostly in Asia
Patch now! Critical Erlang/OTP SSH Vuln Allows UCE
CISA warns of increasing risk tied to Oracle legacy Cloud leak
CVE-2025-20236
Cisco Patches Unauthenticated RCE Flaw in Webex App
Apple released emergency security updates for 2 zero-day vulns
Oracle Released Patched for 378 flaws for April 2025
CVE-2025-24054
Hackers Exploiting NTLM Spoofing Windows Vuln the in Wild
Bengaluru firm got ransomware attack, Hacker demanded $70,000
MITRE warns: U.S. Govt. Funding for MITRE’s CVE Ends Today
PwC exits more than a dozen countries in push to avoid scandals: FT reports
ALSO READ:
According to recent reports, the 2 GB file shared by the person responsible for breaching the database contains extensive data tables that include comprehensive information about member databases, private messages, and payment transactions. The information available has the potential to unveil previous breaches and pinpoint the culprits behind these assaults.
There is compelling evidence indicating a connection between payment information and forum rankings, as well as credit purchases. This raises concerns about the financial consequences for the users involved.
The stolen data’s legitimacy has been verified by “Have I Been Pwned,” a central repository that tracks online breaches and exploits. Our service has incorporated the BreachForums data into our database to provide users with the opportunity to verify whether their login credentials have been compromised. The person who did the bad thing and sold the database even shared it with “Have I Been Pwned” to prove that it was real and trustworthy for people who might want to buy it.
While the stolen data from BreachForums is indeed up for sale, the price to acquire it is truly astounding. With sellers asking anywhere from $100,000 to $150,000, obtaining the complete database snapshot from November 29th, 2022 is an investment not to be taken lightly.
It is crucial to take heed of the warnings issued by security experts and law enforcement agencies, who strongly discourage any attempts to obtain or utilize stolen information. By engaging in such actions, you are not only aiding criminal activities but also fueling an ongoing cycle of cybercrime. This can have severe consequences, as innocent individuals who have had their data compromised may suffer significant harm.
