Overview
- The listing for what the seller called “340 Million User Records” appeared on a cybercrime forum on Monday and was priced at about 0.313 BTC.
- In private messages the forum user using the alias Euphoric_Reply_5727 told researchers they did not hack OnlyFans and that the file was assembled from prior breach dumps and public profile data.
- Independent checks of samples shared by the seller show several usernames and UIDs that match public OnlyFans profiles, but many fields are incomplete and the overall format differs from a platform export.
- Claims that the dataset includes payment card data such as last four digits remain unverified and OnlyFans has not confirmed any breach.
- Security experts say these so-called compilation leaks can still enable phishing, account takeover, doxxing and extortion by linking emails, phones and social accounts, and they note a growing underground market for repackaged identity datasets.