OnlyFans User Data Allegedly Compiled from Old Breaches, Offered for Sale A hacker operating under the alias Euphoric_Reply_5727 is advertising a claimed 340 million-record OnlyFans database on a cybercrime forum for 0.313 BTC (approximately $76,000). The dataset reportedly includes usernames, real names, email addresses, phone numbers, join dates, follower counts, linked social profiles, and partial payment card details raising concerns about the exposure of users’ real identities. However, investigations by Hackread and Cybernews suggest the data may not be the result of a direct breach. The seller later admitted to compiling the information from existing leaks and public sources, cross-referencing OnlyFans profiles with data from platforms like X (formerly Twitter), Instagram, and Spotify. While some records matched public profiles, the sample provided just 10 entries contained inconsistencies, including blank fields and unverified details. Despite the questionable origins, the compilation poses risks. Even if the data is recycled, exposed emails and linked accounts could enable phishing, doxxing, or targeted harassment. The incident underscores the broader threat of identity linkage, where seemingly harmless usernames can be traced back to real-world identities, potentially leading to extortion or account takeovers without requiring a password leak.

Massive Credential Breach Exposes 149 Million Logins in Unsecured Database A security researcher recently uncovered a staggering data exposure involving 149 million usernames and passwords left unprotected on the internet. The database, hosted by a Canadian service provider, was freely accessible via a standard web browser, allowing anyone to search and extract sensitive login details without authentication. The breach remained active for about a month, with new credentials continuously added before the hosting provider took it offline following notification. The compromised data spanned a wide range of platforms, including: - Email services: 48 million Gmail, 4 million Yahoo, and 1.5 million Microsoft Outlook accounts - Social media: 17 million Facebook, 780,000 TikTok, and 100,000 OnlyFans logins - Streaming & entertainment: 3.4 million Netflix subscriptions - Financial services: 420,000 Binance cryptocurrency accounts, along with banking and credit card details - Government & education: 1.4 million .edu domain credentials and other official systems Investigators traced the breach to infostealing malware, which infects devices through phishing, malicious downloads, or compromised websites. The malware logs keystrokes and captures login credentials, funneling them into centralized databases like the one discovered. Each entry included unique identifiers, suggesting the database was designed for large-scale criminal operations, such as account takeovers or ransomware attacks. The implications of this breach are severe, with risks ranging from identity theft and financial fraud to potential espionage via compromised government and academic accounts. The incident reflects a broader trend of unsecured databases and the growing accessibility of cybercrime tools renting infrastructure for such operations can cost as little as $200–$300 per month, enabling even low-skilled threat actors to amass vast troves of data. While no immediate exploits have been confirmed, the exposure underscores persistent vulnerabilities in data security practices. Similar breaches have repeatedly demonstrated how quickly stolen credentials circulate on underground forums, prolonging the threat long after the initial leak. The full impact of this incident may unfold over time as attackers exploit the exposed information.

Massive Exposed Database Containing 149 Million Credentials Discovered Online Security researcher Jeremiah Fowler uncovered a publicly accessible database containing 149 million usernames and passwords, including credentials for major platforms and sensitive systems. The unsecured collection, which was freely accessible via a web browser, included 48 million Gmail accounts, 17 million Facebook logins, 420,000 Binance credentials, 3.4 million Netflix accounts, 780,000 TikTok logins, and 100,000 OnlyFans accounts. Additionally, it held 1.5 million Microsoft Outlook, 900,000 Apple iCloud, and 1.4 million .edu credentials, along with login details for government systems and consumer bank accounts. Fowler reported the database to the Canadian hosting provider, which took it offline after nearly a month for violating its terms of service. During this period, the database continued to grow, suggesting ongoing data collection. Fowler suspects the credentials were harvested via infostealing malware, which logs keystrokes when victims enter login details on compromised sites. The discovery highlights the thriving infostealer market, where stolen credentials are sold for as little as $10 per log on the dark web. The simplicity of such malware makes it a popular tool for cybercriminals, enabling large-scale credential theft with minimal effort. The incident underscores the risks of unsecured databases and the widespread impact of infostealer-driven breaches.

Cybersecurity Breach Exposes Sensitive Data of Adult Platform’s Premium Users A cyberattack targeting an adult platform’s Premium service has sparked extortion threats and heightened privacy concerns after the hacking group ShinyHunters claimed to have stolen over 201 million records of user activity logs. The company confirmed the breach stemmed from a third-party analytics vendor, Mixpanel, but clarified that only Premium users were affected and that no passwords or payment details were exposed. The stolen data reportedly includes email addresses, search queries, video titles, timestamps, and IP-based geolocation—information that, while not directly financial, could enable de-anonymization, targeted phishing, or blackmail. ShinyHunters has allegedly used the dataset to pressure the company, mirroring tactics seen in past breaches involving sensitive content, such as the 2015 Ashley Madison hack. The incident underscores the risks of supply chain vulnerabilities, where even secure primary systems can be compromised through third-party integrations. While Mixpanel denied its systems were breached, the event highlights the dangers of unchecked telemetry data collection, which can inadvertently expose sensitive behavioral logs. Privacy advocates warn that such datasets can reveal personal preferences, relationships, or routines, making them prime targets for extortion. Regulatory scrutiny is likely, with potential investigations under laws like GDPR or California’s privacy statutes. The company has pledged to audit its analytics pipeline, reduce data retention, and implement stronger safeguards for personally identifiable information. For affected users, the breach serves as a reminder of the persistent risks tied to behavioral tracking—even when financial data remains secure.

OnlyFans Data Leak Exposes 340 Million Records, Though Claims Remain Unverified Hackers have posted on a data leak forum claiming to possess 340 million records allegedly sourced from OnlyFans, the subscription-based adult content platform with over 4.5 million creators and 380 million users. The leaked data reportedly includes usernames, email addresses, account activity metrics (such as follower counts, likes, and media uploads), payment card details, and linked profiles. The threat actors deny breaching OnlyFans directly, instead asserting that the database was compiled from prior leaks, public sources, and other security incidents. Cybersecurity researchers at Cybernews analyzed a sample of the data and found it contained only a dozen records including user IDs, names, emails, and registration details dating back to August 2023. This suggests the information is outdated rather than the result of a new breach. OnlyFans has denied any recent security compromise, stating that the claims are false. However, experts warn that even outdated exposed data could be weaponized for phishing attacks, with cybercriminals potentially cross-referencing emails with other breaches to build detailed profiles of affected individuals. The full scope and authenticity of the leak remain unverified.