Government

Breach database LeakedSource is down after reportedly being raided by feds

The for-profit breach database became popular as it supplied reporters with breaking news of breaches, allowed users to find if their own credentials were included and sold entire databases for cash to any buyer.

By Patrick Howell O'Neill

January 26, 2017

(Pexels)

LeakedSource, a for-profit database of breaches, is down Thursday amid unconfirmed reports that U.S. federal agents raided and shut down the site early in the morning.

The U.S. Department of Justice declined to confirm or deny to CyberScoop any information about the reported raid.

LeakedSource became popular as it supplied reporters with breaking news of breaches, allowed users to find if their own credentials were included and sold entire databases for cash to any buyer. If there was a raid, those database sales could be a likely reason. The posted and hosted databases comprised millions of stolen accounts from various websites, including AdultFriendFinder and DailyMotion in recent months.

Hackers often buy leaked databases and then use the stolen credentials to illegally access accounts across various websites. LeakedSource was criticized for this exact problem last year, though it defended its work and said it was not responsible for hacking. The site’s administrators have said they were helping people by notifying them of breaches.

Legally, it may not matter. Posting stolen passwords and then charging for them could be two separate and complementary crimes: wiretapping and being an accomplice to a conspiracy.

“If the whole goal of the site is to warn me, it should never give out my password,” Susan Freiwald, a law professor at the University of San Francisco told Computer World last year. “I think this is very suspicious. It doesn’t make sense.”

A contact with LeakedSource has not responded to CyberScoop’s inquiries.

The following Pastebin post appeared early this morning as the site first went down:

“Yeah you heard it here first. Sorry for all you kids who don’t have all your own Databases.

Leakedsource is down forever and won’t be coming back. Owner raided early this morning. Wasn’t arrested, but all SSD’s got taken, and Leakedsource servers got subpoena’d and placed under federal investigation. If somehow he recovers from this and launches LS again, then I’ll be wrong. But I am not wrong.

Also, this is not a troll thread.

EDIT: Don’t forget that LTD was the first person to make this news public.”

Breach database LeakedSource is down after reportedly being raided by feds

More Like This

House passes bill to limit personal data purchases by law enforcement, intelligence agencies

With a mysterious surveillance target identified, calls for Congress to change course

Ex-White House cyber official says ransomware payment ban is a ways off

Top Stories

Mandiant: Notorious Russian hacking unit linked to breach of Texas water facility

More Scoops

Jailed BreachForums creator, admin sentenced to 20 years of supervised release

BreachForums replacement emerges as robust forum for criminal hackers to trade their spoils

The FBI’s BreachForums bust is causing ‘chaos in the cybercrime underground’

FBI seizes domains tied to stolen records, DDoS services

The FBI’s digital security guide for local police actually has good OPSEC advice

WeLeakInfo, a search engine for breached personal data, shut down

Recent NSA leaks show challenge of a software ‘solution’ for insider threats

Latest Podcasts

How Troy Hunt knows if you’ve been hacked and Washington tries to understand AI

Why pig butchering is the worst kind of online scam

How the FBI fights ransomware

AWS and CrowdStrike leaders discuss zero trust implementation and the path ahead

Government

Technology

Threats

Geopolitics