On January 9, 2026, a database from the cybercrime platform BreachForums was leaked online, exposing the personal details and digital footprints of over 320,000 users. This massive data release originated from internal systems and has been verified as authentic through a valid digital signature historically linked to the forum's operators.

BreachForums has long served as a primary hub for cybercriminals to trade stolen data after the shutdown of its predecessor, RaidForums, in 2022. The platform has a volatile history characterized by sudden disappearances and law enforcement interventions, making it a focal point for global cybersecurity monitoring. In early 2025, the site vanished abruptly, sparking rumors of a police raid, though reports later indicated the downtime was actually caused by a significant security vulnerability rather than a direct seizure.

By the summer of 2025, the forum managed to return to the web, but its stability was short-lived as internal data began to circulate among researchers and rival hackers. Cybersecurity firms eventually confirmed that the leaked database contains records for precisely 323,986 registered members. This dataset is particularly damaging because it includes metadata extracted from the site's back-end systems, providing a trail of information that could potentially unmask the real-world identities of individuals previously operating under the veil of anonymity.

The sensitive files were uploaded to a site known for hosting stolen datasets, a platform frequently associated with major corporate data breaches involving high-profile airlines and retail corporations. Accessing this source directly is considered highly dangerous due to the presence of malicious software and the risk of further compromise. This specific repository has been a recurring outlet for data stolen through various cloud-related security failures, making it a common destination for the distribution of illicit information.

Security experts verified the legitimacy of the BreachForums leak by examining a specific PGP signature included with the files. Because this digital signature matches the one used by previous administrators of the forum, it confirms that the information was likely pulled directly from the site's database rather than being a fabricated collection of old data. This high level of authenticity suggests a deep breach of the forum's own security protocols.

The exposure of such a vast number of users represents a significant development for law enforcement and security analysts worldwide. By analyzing the MySQL metadata and communication patterns found within the leak, investigators may be able to map out the connections between different hacking groups and their activities over the past several years. This event highlights the irony of a platform dedicated to leaking others' data failing to protect its own community from the same fate.

Source: Database Of 323,986 BreachForums Users Leaked As Admin Disputes Scope