The OnniForums platform announced a successful attempt to hack Breached, as a result of which competitors managed to gain access to the BreachForums database. The post, written by an OnniForums administrator with the nickname dkota, also thanks the DataBroker user, who apparently provided support in the hack.
Later, the database itself was posted on the PwnedForums Telegram channel (a file with *.sql extension and 2.4 megabytes in weight). It contains 4.3 thousand user accounts. At the same time, the message indicates another source of the drain – “feds”. And according to the Telegram channel “Information Leaks”, the partial dump contains 4202 entries, each of which has logins, hashed passwords, and email addresses. At the same time, the most recent registration is dated June 17, 2023.
In a private conversation with Darknet News, Breached representatives said they do not consider what happened to be a hack. This topic was already revealed in a message on the site itself by members of the ShinyHunters group, which owns BreachForums. They posted their vision of the current situation on the resource, without refuting, however, that the user database came to competitors.
“First of all, we would like to apologize to all of you. We have been a victim of MyBB’s automatic backup. We have corrected the situation and taken measures to ensure that this does not happen again. We understand that this has lessened your confidence that we are maintaining a safe environment, but we hope that with time and after the complete phase-out of MyBB in June-July, we will be able to restore your trust, ”a ShinyHunters representative wrote.
He also noted that a wiser and more mature move on dkota’s part would be a private contact with ShinyHunters, in which the parties could discuss compensation for not publishing the database. In retaliation, the owners of BreachForums published the backend of the offshore server Shinjiru, which is used by the developers of OnniForums themselves.
In addition, employees of the cybersecurity company Group-IB paid attention to the leak. They confirmed the relevance of those indicated in the database, while, however, attributing the authorship of the drain to the Exposed forum. A message also appeared in the Telegram channel of the forum itself, attributing the hacking of a competitor to Exposed; it also states that site administrators have obtained the complete BreachForums database. In response, representatives of Breached accused competitors of preparing an exit scam and denied reports of an allegedly upcoming sale of the site.
It is possible that such carelessness of the administrations of well-known sites can play a cruel joke on those users who do not monitor their privacy well enough on the network.
We See What Others Cannot
