BreachForums (2025) Data Breach
Gravity Score
CriticalCalculated based on the types of data exposed (5 categories) and the volume of affected records (672,247).
Online communities can disappear and reappear, but the data they collect often lingers. In the 2025 version of BreachForums, the site was ultimately taken offline by a multi agency law enforcement effort, and it emerged that the forum itself had already been hit by a breach beforehand.
The exposure was not limited to account identifiers. It also included content tied to how people interacted on the forum, which can be highly sensitive when private conversations and personal context are involved.
Leaked information included email addresses, usernames, forum posts, and private messages. The compromised user database also contained Argon2 password hashes, meaning the passwords were not shown in plain text, but they still represent a risk if users reused passwords elsewhere.
Across all tables, about 672 thousand unique email addresses were present, with the users table holding a large subset of those accounts. The real world impact can include targeted harassment, attempts to impersonate users, and credential based attacks on other services.
Exposed data
What to do based on this breach
What can we learn from this breach?
Forum breaches illustrate that user generated content such as posts and private messages can be harmful even without direct account takeover. Unique passwords and two factor authentication reduce the fallout from leaked password hashes and make credential reuse attacks less effective. Platforms that store conversations should limit data retention and protect credential storage with strong security controls.
Was your data exposed?
Check now if your email appears in this breach. It's free, takes 30 seconds and requires no signup.
Check my email
