When BreachForums owner “Pompompurin” was arrested on March 15, forum members knew nothing about it until March 17, when Bloomberg broke the news. But BreachForums administrator “Baphomet” had suspected something was wrong and had already taken steps to secure the forum from law enforcement access.
Since then, Baphomet, who took over ownership of the forum, provided updates to forum members about the progress in migrating and securing the forum. Using Telegram to communicate with forum members, he posted an update on March 18:
A small update here. You’ll see some downtime for a couple of services but this is expected. Currently the only one that should be noticable is the shoutbox, as im updating it to fix some bugs that probably should have been fixed a while ago. Since this is being worked on, we’ve unlocked the telegram group to the community again so people can talk and be as mentally challenged as they usually are.
As always, please follow the normal offsite rules and don’t do anything that would bring negative attention to our community, as we are only a cooking forum.
[The reference to being a cooking forum is a bit of an inside joke on the forum that relates to “Moot,” a moderator on RaidForums, claiming that he was only that forum to get recipes.]
Baphomet’s efforts to secure the forum’s infrastructure and make certain changes were not without setbacks, as errors were made in some cases, and things broke as they often do when changes are attempted. On March 19, a status update read:
In my rush to get things moved, im a moron and somehow pasted the message incorrectly causing the key to cause a bad signature error. Please check my website for the correctly signed message. I’ll make a point to confirm the signature is proper moving forward.
Basically to everyone, the site has now down. This is expected, don’t freak out. Should be back up in a few hours and will provide another update once its back up. Appreciate your patience on all this.
But the site didn’t come back in a few hours, and on March 20, Baphomet wrote:
Basically, I’m alive and things are moving. Again, I’ll do my best to keep everyone up to date. Thanks everyone for your patience.
Two hours later, there was another update:
Hello everyone. Please consider this the final update for Breached.
I will be taking down the forum, as I believe we can assume that nothing is safe anymore. I know that everyone wants the forum up, but there is no value in short term gain for what will likely be a long term loss by propping up Breached as it is.
I want to make it clear, that while this initial announcement is not positive, it’s not the end. I’m going to setup another Telegram group for those who want to see what follows. You are allowed to hate me, and disagree with my decision but I promise what is to come will be better for us all.
As stated in the attached message please give me 24 hours to get some rest and give thought to how we move on from here. I will be back online after that, and we will talk. I am going nowhere.
Baphomet’s concerns seemed well-founded as he had discovered an access to one of the CDNs — after Pompompurin was arrested — that could not be accounted for and led to suspicions of FBI access.
So BreachForums will be not be back as BreachForums. Baphomet has yet to outline what he recommends going forward, but DataBreaches has already heard from at least one other individual who says a few people are already working on opening their own forum.
Sentence about access to a CDN added post-publication to clarify the security concerns.
Update of June 14, 2023: At some point, it looks like a note was posted on the breached.vc domain where BreachForums had lived: “Any forums claiming to be “Breached” or “BreachForums” should be used with caution. BreachForums will never return.” On June 14, an additional note was added, linking to this post about how BreachForums was down and would not return.
That link was added the day that BreachForums.vc opened. It appears intended to make people suspicious of the new forum.
It is important to remember that although Pompompurin’s site was called “BreachForums,” it was on breached.vc. THAT is the BreachForums this post was discussing. The breachforums.vc domain appears to be owned by ShinyHunters who opened a new BreachForums on it today.