BreachForums returns and claims the Live Nation-Ticketmaster Data Leak – Claims found ‘Too good to be true’?
The notorious data leak site BreachForums appeared to return last month after being seized by law enforcement just weeks prior.
Upon its return, BreachForums administrator ShinyHunters, who was associated with past breaches such as the AT&T breach, posted claiming to be selling a new dataset allegedly containing 560 million Live Nation/Ticketmaster customer details for $500k USD.
However, researchers noticed some questionable things about this supposed data leak. The dataset was also being offered for sale on another dark web forum by a user named SpidermanData with identical details. Additionally, 560 million users seemed an unrealistic figure even for a monopolist Live Nation/Ticketmaster.
Cybersecurity researcher CyberKnow tweeted “there is also old customer information, making it possibly this is a series of data jammed together.”
With these inconsistencies, researchers concluded the goal was likely to generate attention and act as a lure to regain old forum users.
BreachForums Returns Using Same Domains Despite FBI Takedown
BreachForums returns after supposedly being took offline earlier this month by law enforcement, but reports surfaced that the site had returned both on the dark web and clearnet, seemingly under control of ShinyHunters.
As the successor to RaidForums, BreachForums had faced an FBI takedown in March 2023 where its owner was arrested. This recent takedown in May 2024 further targeted the site, defacing it with a message that it had been seized by the FBI. However, ShinyHunters was quoted as saying “none of its members were arrested and that it planned on restarting the site quickly,” which seemingly came to fruition.
Interestingly, BreachForums returned using the same domains as before, which according to The Register was due to ShinyHunters regaining access “by asking NiceNIC – the Hong Kong-based domain registrar supplying the domains – nicely.”
The FBI losing control of the domains was seen as a major failure within the cybersecurity community.
This is a major setback for law enforcement efforts. As BreachForums and key members like ShinyHunters continue evading authorities, their activities poses ongoing risks that must be closely monitored.