January 30, 2017 by

Breach Database Website LeakedSource Busted by Feds

LeakedSource, a breach notification website that also sold database access to over 3 billion hacked accounts is now offline, disappearing in murky circumstances with one insider claiming that the website is down and gone forever.

Having combed over 3 billion hacked accounts, LeakedSource indexed compromised account details of accounts from a number of high-profile breache. Users could essentially search and check if any of their phone numbers or email addresses were compromised as a part of any breach. While LeakedSource claimed its aim was to warn the public about who might be affected while raising awareness toward better cybersecurity, critics have argued that rogue malicious hackers could have the means to easily access victims’ accounts.

The account details were gathered from several of the world’s most prominent breaches, including Yahoo, Ashley Madison, Last.fm and LinkedIn, among others.

Now, an insider has claimed that LeakedSource is now permanently offline after being taken down by law enforcement authorities.

First posted on online forums, the notice, since removed, has found a place on Pastebin.

It read:

LeakedSource is down forever and won’t be coming back. Owner raided early this morning. Wasn’t arrested, but all SSD’s got aken, and LeakedSsource servers got subpoena’d and placed under federal investigation. If somehow he recovers from this and launches LS again, then I’ll be wrong. But I am now wrong.

LeakedSource controversially decrypted passwords obtained through data dumps, making passwords searchable in their plaintext form. Users could check to see which passwords were affected in the event of an account compromise, prompting them to change shared passwords with other online accounts. However, the feature meant that data dumps were also valuable for malicious hackers as well.

Have I Been Pwned, a similar resource that allows users to check if your email address or username was compromised in a hack takes a significantly different approach. Personally identifiable data is never revealed to anyone, not even the legitimate owners of the data, which stops sensitive information from falling into the wrong hands.

Image credit: Pixabay.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

‘Russian Yahoo’ Rambler.ru Breached, 100 Million Records Leaked

A mind-boggling 100 million records have been leaked online in what is sure to count as a...

Read more arrow_forward

45 Million Login Credentials Stolen from Over 1000 Websites

  Troves of records from data breaches just do not know when to quit. Some 45 million logins from...

Read more arrow_forward

117 Million LinkedIn User Credentials up for Sale

A hacker who goes by the moniker “Peace” is trying to sell LinkedIn account information...

Read more arrow_forward