Overview
- The archive appeared on a ShinyHunters-branded site as a 7z file containing databoose.sql, a manifesto, and a PGP key, though a ShinyHunters representative denied affiliation with the host.
- The users table holds 323,988 records with display names, email addresses, Argon2i password hashes, and links to external accounts reviewed by independent analysts.
- BleepingComputer found about 70,296 entries with public IP addresses while most others used a loopback placeholder, raising potential OPSEC and investigative implications.
- The forum administrator known as N/A said the data came from an August 2025 backup briefly left in an unsecured folder and downloaded once, disputing claims of an active breach.
- Timestamps in the dataset align with registrations up to August 11, 2025, and the archive also includes a passphrase-protected PGP private key plus a theatrical ‘James’ manifesto with unverified claims.