Last updated 1 month ago
In October 2025, the hacking forum BreachForums suffered a data breach that exposed 672,247 unique email addresses across all database tables, including forum posts and private messages. The breach occurred in the months leading up to the site's takedown by a coalition of law enforcement agencies. The users table contained 324,000 unique email addresses paired with usernames and Argon2 password hashes.
The breach exposed the forum's entire database infrastructure, compromising email addresses, usernames, and password hashes stored using the Argon2 algorithm. The data exposure included both public forum content and private user communications, creating significant credential exposure risks for users who reused passwords across multiple platforms.
Law enforcement agencies took the BreachForums site offline in October 2025 as part of a coordinated takedown operation. The breach represents the latest in a series of security incidents affecting this hacking forum, which had previously been shut down multiple times and reemerged under new infrastructure.
Data breach of the forum's database prior to law enforcement takedown
Record count significantly revised from 672,247 to 300,000+ (over 55% reduction), indicating new forensic findings about the BreachForums database leak.
This breach demonstrates that even criminal infrastructure platforms face significant security vulnerabilities, with 672,247 user records exposed despite operating in a high-threat environment. The exposure of Argon2-hashed passwords highlights that even strong cryptographic protection cannot prevent data exfiltration when database access is compromised. The incident underscores that all online platforms, regardless of their nature, must implement robust access controls and monitoring to prevent unauthorized database access.
Sign in to join the discussion.
Company
Industry
Disclosed
Records Affected
Attack Vector
Industry
Attack Vector