A cyberattack on 4chan disrupted the infamous online forum on April 14, 2025, pushing the site offline and exposing internal data. The breach, claimed by users of the rival forum Soyjak.party, includes leaked emails, admin credentials, and screenshots of the platform’s backend.
Hackers Claim Responsibility for 4chan Breach and Leak Admin Access Data
The attackers, posting under the group name “The Party,” announced their operation as “Soyclipse,” stating that the breach had been in progress for over a year.
“Tonight has been a very special night for many of us at the soyjak party… reopening /qa/, exposing personal information of various 4cuck staff, and leaking code from the site,” said a user with the handle Chud in a post.
The post was accompanied by screenshots showing 4chan’s internal administration panels and maintenance tools, including access to:
- IP addresses and user location data
- Board-level log access
- phpMyAdmin interface for managing site databases
- Board restoration and system restart features
- Full statistics and site performance data
Outdated PHP Stack Possibly Exploited in the Attack
While the exact vulnerability exploited in the cyberattack on 4chan has not been confirmed, users speculated the site was still running on a PHP version from 2016. That version has known security flaws which may have allowed unauthorized access.
Shortly after the breach, 4chan’s PHP source code was also leaked on Kiwi Farms, another anonymous online platform.
4chan Still Partially Offline; Intermittent Access Continues
Following the breach, 4chan began displaying Cloudflare timeout errors and at times only loaded in a text-only mode, indicating ongoing recovery efforts.
“In an attempt to control the damage, 4cuck admins have taken all servers offline,” Chud added. “There are unconfirmed reports that the servers have already been completely compromised.”
4chan’s History and Relevance in Online Security
Launched in 2003 by Christopher Poole, known online as moot, 4chan has a long history of being a central node for internet subculture and anonymous activity. Over the years, it has been used as a launchpad for numerous data leaks from major tech firms, including:
- Microsoft
- Twitch
- Intel
- Valve
- Disney
The latest breach brings renewed scrutiny to forum security, especially when platforms fail to update backend systems and perform regular audits.
As of now, 4chan remains intermittently accessible, with no official statement released regarding the timeline for a full restoration or the scope of compromised user data.
