Breach, Threat Management, Data Security, Network Security hacking forum user data breached and leaked by rivals

Hacking online forum last July suffered a data breach at the hands of one of its rival communities, resulting in the compromise of roughly 321,000 members, breach reference website site "Have I Been Pwned?" reported this week.

The breach resulted in a public doxxing that exposed a database containing 749,161 email accounts, as well as corresponding IP addresses (many likely anonymized), hashed passwords, private messages and usernames.

According to an Ars Technica report, hackers from Raidforums are responsible for breaching the forum, which runs on the open-source forum software MyBB. The news organization says it reviewed a 2.11 gigabyte file containing approximately 397,000 plaintext private messages, which discuss matters such as cracking Fortnite accounts and selling software exploits.

Speaking of exploits: Raidforums owner, developer, and host "Omnipotent" reportedly told Ars Technica that the breach was executed via an exploit, although he shared no further details.

In a thread that was originally started on July 27, forum administrator "floraiN" warned members that a once trusted party managed to obtain forum back-ups dating from late 2018 through June 2019. Concerned the party might publish this information, the forum forced users to change their passwords and reset all database sesssions. floraiN also reassured users that their passwords were safe because the forum had recently switched to a stronger hashing algorithm.

That post was followed by a new thread update on Aug. 8: "A wannabe 'leaking-forum' released the database backup today that contains all data from 21st of July 2019," wrote floraiN. "As announced a few weeks ago all passwords are hashed with an advanced hashing algorithm... and therefore pretty much useless."

"There will be consequences for the forum that is responsible for distributing the backup and for the person that leaked it," the post ominously continues.

Bradley Barth

As director of community content at CyberRisk Alliance, Bradley Barth develops content for SC Media online conferences and events, as well as video/multimedia projects. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.