Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Law Enforcement Raid Blamed For LeakedSource Shutdown

The controversial data breach notification service LeakedSource has been down for nearly 24 hours and it is rumored that the website has gone offline following a law enforcement raid.

The controversial data breach notification service LeakedSource has been down for nearly 24 hours and it is rumored that the website has gone offline following a law enforcement raid.

LeakedSource is the service that disclosed many of the mega breaches that came to light in 2016, including the ones affecting FriendFinder Networks, VerticalScope, Last.fm, LinkedIn, DailyMotion and Rambler. These leaks have led to 2016 being a record year for data breaches, with a total of more than 4.2 billion records exposed.

The operators of LeakedSource have not been active on Twitter since January 10 and users have complained on several occasions about the website being down. The service is now once again offline, but this time some people believe it will not be returning.

A message (cached) posted on Thursday by a user on a hacking forum claimed “LeakedSource is down forever and won’t be coming back.”

“Owner raided early this morning. Wasn’t arrested, but all SSD’s got taken, and Leakedsource servers got subpoena’d and placed under federal investigation. If somehow he recovers from this and launches LS again, then I’ll be wrong. But I am not wrong,” the user said.

While this statement has led some to believe that the owner of LeakedSource has been targeted by law enforcement in the United States, the company claimed in the past that it was based outside the U.S.

Users have complained on several hacker forums that they had just purchased a subscription on LeakedSource. Others have already started advertising alternative services.

SecurityWeek has reached out to LeakedSource representatives and will update this article if they respond.

Some members of the industry said they would not be surprised if the reports of a raid turn out to be true. Troy Hunt, the Australian security expert who runs the breach notification service Have I Been Pwned, pointed out that, unlike the website he operates, LeakedSource has often been used for malicious purposes.

LeakedSource stored a lot of sensitive information – its databases allegedly held 3.1 billion accounts – and users who paid for a subscription were given access to data such as usernames, passwords (hashed and clear text), email addresses, and IP addresses.

Hunt noted that while LeakedSource had been operating from behind CloudFlare, its real IP address could have been easily obtained by law enforcement using freely available services such as CrimeFlare.

“By late 2016, it was becoming apparent that their actions were erring very much on the black side of grey. There was a constant flow of data that wasn’t appearing anywhere else in the usual trading circles before first coming to air via their service,” Hunt said in a blog post.

“Speculation was rife that there was incentivisation occurring not just to provide data that had already been obtained, but to actively seek out new targets that could subsequently be added to the feed of data then monetised by selling the personal information of the victims to whomever was willing to pay for it. This was always rumoured amongst those ‘in the scene’, but it’s not yet clear whether this contributed to the take down or if it was solely due to the services directly provided on the site,” he added.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Ransomware

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive...

Ransomware

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack