- BreachForums’ user database (323,988 records) was leaked, exposing usernames, registration dates and IP addresses.
- Around 70,000 public IP addresses could help identify real users; most entries were useless loopback addresses
- The administrator confirmed that the leak came from the August 2025 restore; ShinyHunters denied any involvement in the hosting site
Someone has leaked the entire list of usernames, IP addresses and other data from BreachForums, the infamous underground hacker community – but it remains unclear exactly who and why.
A website named after the ShinyHunters ransomware operator recently appeared online, used to host a 7Zip archive called violationdforum.7z.
This archive contained a few files, including a database table containing 323,988 member records, which contained members’ display names, registration dates, IP addresses, and other internal information.
ShinyHunters denies any involvement
While user accounts don’t mean much to researchers or law enforcement, IP addresses just might. Most of them correspond to a local loopback IP address (0x7F000009/127.0.0.9), BeepComputer reported, saying they “aren’t much use.”
Yet just over 70,000 addresses do not contain the 127.0.0.9 IP address and correspond to a public IP address, meaning they could, in theory, be used to identify real people behind the usernames.
The forum administrator confirmed the breach, saying that a backup of the MyBB user database table had been temporarily exposed on the Internet and downloaded only once.
“First of all, this is not a recent incident. The data in question comes from an old user table leak dating back to August 2025, during the period when BreachForums was being restored/recovered from the .hn domain,” they said.
“During the restoration process, the forum’s users table and PGP key were temporarily stored in an unsecured folder for a very short period of time. Our investigation shows that the folder was only downloaded once during this window,” they added.
Who leaked the data also remains a mystery. The ShinyHunters group denied any involvement and said it had nothing to do with the website that bore its name. When BreachForums was restored last summer, after a law enforcement raid, the group said the forum was now a honeypot built by police to trap other hackers and cybercriminals.
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
