**BreachForums Hacking Forum Database Leaked, Exposing 324,000 Accounts**

A significant security breach has hit the notorious BreachForums hacking forum, with its user database table leaked online. The leak, which contains sensitive information on over 324,000 accounts, has raised concerns among law enforcement and cybersecurity experts.

**The Rise of BreachForums**

BreachForums is a series of hacking forums used to trade, sell, and leak stolen data, as well as sell access to corporate networks and other illicit cybercrime services. The site was launched after the first of these forums, RaidForums, was seized by law enforcement, with its owner, "Omnipotent", arrested.

Despite previous data breaches and police actions, BreachForums has been repeatedly relaunched under new domains, with some accusing it of being a honeypot for law enforcement. However, the site's administrators have consistently denied these allegations.

**The Leaked Database**

Yesterday, a website named after the ShinyHunters extortion gang released a 7Zip archive containing the leaked BreachForums database. The archive includes three files:

* **`breachedforum-pgp-key.txt.asc`**: A PGP private key created on July 25, 2023, used by BreachForums to sign official messages from administrators. * **`databoose.sql`**: A MyBB users database table (mybb\_users) containing 323,988 member records, including display names, registration dates, IP addresses, and other internal information.

**Analysis of the Leaked Database**

BleepingComputer's analysis of the leaked database shows that most IP addresses map back to a local loopback IP address (0x7F000009/127.0.0.9), rendering them useless for tracking purposes. However, 70,296 records do not contain this local IP address, and the ones tested correspond to public IP addresses.

**OPSEC Concerns**

These public IP addresses could be a significant OPSEC concern for those individuals and valuable to law enforcement and cybersecurity researchers.

**The Shutdown of BreachForums**

The current BreachForums administrator, "N/A", acknowledged the breach in a statement on the site. According to N/A, a backup of the MyBB user database table was temporarily exposed in an unsecured folder and downloaded only once during the restoration process after the site's shutdown.

**New Information: Password for PGP Private Key Found**

After our story was published, cybersecurity firm Resecurity informed BleepingComputer that BreachForums has updated its website to include a password for its PGP private key. A different security researcher confirmed to BleepingComputer that this password is indeed correct for the leaked key.

**Conclusion**

The breach of BreachForums' user database table has raised concerns about data protection and law enforcement's efforts to combat cybercrime. The incident serves as a reminder of the importance of robust security measures, especially in high-risk environments like hacking forums.