Evolution of the security incident at BreachForums

In January 2026, the first reports emerged of a major data breach affecting BreachForums, a well-known forum linked to cybercrime and the sale of stolen information. Various media outlets specializing in cybersecurity began reporting on the appearance of a database attributed to the platform, which generated a rapid reaction both within the community and among the forum operators themselves. 

The leak consists of a database containing information on approximately 325,000 users registered on BreachForums, including their “metadata extracted from the MySQL database.” The leaked data reportedly includes usernames, email addresses, internal identifiers, and encrypted passwords, although not in plain text. Site administrators initially denied a recent intrusion and claimed that the data came from an old copy accidentally exposed months ago during maintenance work. As a containment measure, internal systems were reviewed and it was emphasized that the encryption methods used limited the actual impact of the leak.

Today, the incident is considered closed from a technical standpoint, although it continues to be analyzed and debated within the cybersecurity community. No official statement has been confirmed, but researchers and law enforcement agencies have expressed interest due to the potential value of the leaked data. BreachForums, highlighting internal tensions between its operators and former collaborators. Looking ahead, no specific public actions have been announced by those responsible for the forum, beyond defensive statements. However, the leak is expected to have consequences for ongoing investigations and to reinforce surveillance of such platforms.