An online forum used by those involved in online account hijacking has been breached, according to KrebsonSecurity.
An attack on OGUsers.com leaked the personal information of nearly 113,000 people. Krebs reportedly received a copy of the database, which included usernames, email addresses, hashed passwords, private messages and IP address.
The RaidForums Omnipotent administrator announced to forum members that he had made the OGUsers forum database for available for download, writing:
Hello RaidForums Community,
Today I have uploaded the OGUsers Forum Database for you to download for free, thanks for reading and enjoy!
On the 12th of May 2019 the forum ogusers.com was breached 112,988 users were affected. I have uploaded the data from this database breach along with their website source files. Their hashing algorithm was the default salted MD5 which surprised me, anyway the website owner has acknowledged data corruption but not a breach so I guess I'm the first to tell you the truth view his statement here or if you don't want to visit their website view it here. According to his statement he didn't have any recent backups so I guess I will provide one on this thread lmfao.
Compromised data: Website activity, Usernames, Emails, IP Addresses, Passwords (Salted MD5), Source code, Website data, User private messages.
While users on the OGUsers.com forum expressed concern about their identities being revealed as a result of the hack, Krebs said, “It’s difficult not to admit feeling a bit of schadenfreude in response to this event. It’s gratifying to see such a comeuppance for a community that has largely specialized in hacking others. Also, federal and state law enforcement investigators going after SIM swappers are likely to have a field day with this database, and my guess is this leak will fuel even more arrests and charges for those involved.”