Hacking forum leaks data on 478,000 members

The once infamous hacker forum RaidForums has suffered a database breach that exposed the personal information of 478,000 members.

RaidForums is known for hosting, leaking, and selling data stolen from compromised organizations. In April 2022, RaidForums' forum website and infrastructure were seized in an international law enforcement operation, and its administrator, Omnipotent, and two associates were arrested.

Subsequently, a new forum called Breached was considered a reincarnation of RaidForums, where a large number of members continue to trade stolen data. But after its founder, Pompompurin, was arrested by the FBI in March of this year, Breached was shut down, and the forum's other administrators became concerned that law enforcement would have access to their servers.

RaidForums Database Breach

In early May, another forum called Exposed went live, designed to fill the void left by Breached's closure, and quickly became popular on the dark web. But just on May 29, an administrator, Impotent, leaked the RaidForums member database, exposing a wealth of information to other hackers, researchers, and possibly even law enforcement.

According to the leaked data, one of the SQL registry files contained the registration information of 478870 RaidForums members between March 20, 2015 and September 24, 2020, including their usernames, email addresses, hashed passwords, registration dates and other information related to the forum software.

It has been confirmed that the information for numerous accounts in the database contains known registration information. In addition, members of the Exposed forum have confirmed that their information is in the MySQL tables, thus confirming the authenticity of the compromised data.

Although the database has likely fallen into the hands of law enforcement since the forum was seized, the data is still useful to security researchers who build hacker profiles.