article featured image


The notorious BreachForums has been seized by the FBI. The hacking forum is renowned for leaking and selling corporate data to other cybercriminals. The seizure occurred on Wednesday morning, shortly after the data leak of a Europol law enforcement portal.

Now, the forum is displaying a message informing users that the FBI has taken possession of the website and its backend data, meaning that the site’s servers and domains have been taken over by law enforcement.

FBI Seizes Control of BreachForums

BreachForums Homepage

Admin Arrested? The FBI Gets Access to the Forum’s Backend

If the claims made by the federal agency are true and they gained access to the hacking forum’s backend data, they would have access to email addresses, IP addresses, and private messages that could be used in investigations and for exposing members.

The site’s Telegram channel and other Baphomet-owned channels have also been taken over by the FBI, and messages claiming control have been sent by law enforcement.

Messages from Baphomet’s account were posted on some of the law enforcement-seized Telegram channels; these posts most likely indicate that the threat actor was taken into custody and that the authorities now possess his devices.

Telegram Alert - BreachForums Administrator Arrested

Message on Seized BreachForums’ Telegram Channel (Source)

Moreover, the threat actor known as IntelBroker claims that Baphomet was taken into custody during the law enforcement operation in a Telegram chat shared with BleepingComputer.

FBI-Controlled Telegram Chat for BreachForums


The FBI is requesting victims and individuals to contact them if the have information about the hacking forum or its members to aid in their investigation.

The seizure communications contain email addresses, Telegram accounts, TOX accounts, and a specific page on the FBI’s Internet Crime Complaint Centre (IC3) as means of getting in touch with the agency regarding the seizure. The IC3 subdomain hosts a form victims and other individuals can use to share information about BreachForums and its members.

BreachForums was the continuator of other hacking sites such as RaidForums and Breached. Baphomet is a former Breached admin and created BreachForums together with ShinyHunters, another notorious seller of stolen data.

The new site rose in popularity quickly and was used to sell corporate data from important companies such as Dell, AT&T, Hewlett Packard, PandaBuy, and others.

If you liked this piece, check out the Heimdal Blog for more! Follow us on LinkedInTwitterFacebook, and YouTube for more cybersecurity news and topics.

Author Profile

Cristian Neagu


linkedin icon

Cristian is a Content Editor & Creator at Heimdal®, where he developed a deep understanding of the digital threat landscape. His style resonates with both technical and non-technical readers, proof being in his skill of communicating cybersecurity norms effectively, in an easy-to-understand manner.

Leave a Reply

Your email address will not be published. Required fields are marked *