The latest incarnation of the notorious BreachForums hacking forum had its MyBB user database table leaked online, with over 320 000 accounts exposed.
BreachForums, a successor to the now-defunct RaidForums, has long been used to trade stolen data, sell access to compromised networks, and advertise other cybercrime services. Despite multiple shutdowns by law enforcement, arrests, and data breaches, the forum has repeatedly resurfaced using new domains.
The leak came to light after a website named after the ShinyHunters extortion gang published a 7Zip archive containing three files, including a MyBB users table and BreachForums’ private PGP key used to sign administrator messages.
The database file (databoose.sql) contains 323,988 user records with display names, registration dates, IP addresses, and internal metadata. While most IP addresses resolve to a local loopback address, more than 70,000 records contain public IP addresses. The archive also included BreachForums’ PGP private key, created in July 2023. Although initially passphrase-protected, cybersecurity firm Resecurity told the tech news site BleepingComputer that the correct password for the key has now been published. The ShinyHunters gang said that they are not involved with the site that leaked the archive.
The current BreachForums administrator, known online as “N/A,” confirmed the leak, noting that the exposed data dates back to August 2025, when the forum was being restored following the shutdown of the breachforums[.]hn domain.
According to the admin, the database and PGP key were briefly stored in an unsecured folder and downloaded only once.