What Happened
In January 2026, the BreachForums cybercrime marketplace suffered a data breach exposing approximately 324,000 user accounts. The breach occurred in August 2025 when a database backup was accidentally left in an unsecured folder during the forum’s restoration process, and the exposed data was downloaded and later published on January 9, 2026, by someone using the alias “James”. The leaked data included usernames, email addresses, hashed passwords, IP addresses, and registration dates extracted from the forum’s MyBB database. The breach was particularly significant because it exposed identities of cybercriminals and threat actors previously operating under anonymity, including individuals associated with groups like GnosticPlayers and ShinyHunters, along with their PGP keys and other metadata that could enable law enforcement to identify and potentially arrest forum participants.
