BreachForums Pwned, exposing 212k records including usernames, IP and email addresses, private messages between site members and passwords stored as argon2 hashes - eviltoast

BreachForums

In November 2022, the well-known hacking forum “BreachForums” was itself, breached. Later the following year, the operator of the website was arrested and the site seized by law enforcement agencies. The breach exposed 212k records including usernames, IP and email addresses, private messages between site members and passwords stored as argon2 hashes. The data was provided to HIBP by a source who requested it be attributed to “breached_db_person”.

Breach date: 29 November 2022

Date added to HIBP: 26 July 2023

Compromised accounts: 212,156

Compromised data: Email addresses, IP addresses, Passwords, Private messages, Usernames

comment: I guess the hackers aren’t so lucky with their DMs either.

  • SubPrimeBadger@lemmynsfw.com
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    You hear about so many places getting breached that have now leaked out hashed passwords. At least this site had the foresight to use a modern hashing algo like argon2. So many have had weak hashes and could at least take a page out of proper hashing from this. They could have misconfigured argon2 properties but I’m thinking that as long as they at least used the default method, it will give the decent protection from cracking.