Hacker's nest breach exposes data of hundreds of thousands of users

In a world where there is no honor among thieves, the BreachForums hack has caused quite a stir. The attackers, allegedly affiliated with the ShinyHunters group, have released an SQL file containing sensitive data for nearly 324,000 registered user accounts. The archive that has appeared online includes usernames, registration dates, and PGP keys. Most critically, however, are more than 70,000 public IP addresses that could provide investigators with a direct lead to the users' real identities.

The situation is further complicated by the attackers’ claims that BreachForums is actually a “honeypot” – a fake site run by the police to lure criminals to it. The forum administrator has denied these allegations, explaining that the data was stolen from an unprotected folder during the site’s migration to a new domain. This is not the first time the platform has come under attack; law enforcement authorities had already seized their previous domain in August 2025, but the forum resurfaced at a new address shortly after.

This poses a huge security risk for hackers who have been using the platform to sell malware and stolen company databases. While many of the IP addresses in the database are local (loopback), the public addresses reveal the locations of users around the world. The incident clearly shows that even those who carry out attacks are vulnerable when it comes to their own digital hygiene. The entire database was published on a website named after the ShinyHunters group itself, further humiliating the forum administrators.