Home > Security > Security News

BreachForums Reemerges, Admin Apologizes for Honeypot Confusion, Claims the Attack the French Govt Announced Impacting Over 16M Individuals

Published
Written by:
Lore Apostol
Lore Apostol
Cybersecurity Writer
Breach Forums
Summarize with:
ChatGPT logo ChatGPT Claude.ai logo Claude.ai Google AI logo Google AI Grok logo Grok Perplexity logo Perplexity
Google logo Add as preferred source on Google

Key Takeaways

The notorious BreachForums appears to have re-emerged, claiming a significant data breach targeting the French state. On December 13, 2025, a forum administrator using the alias "Indra" posted a statement intended to clarify recent confusion about the forum's status and to assert that the platform is not a law enforcement honeypot as ShinyHunters said

It’s not clear yet what this announcement means, whether it comes from a member of the previously disrupted dark net platform or just another honeypot. Meanwhile, earlier this month, RaidForums V2 came back online at the same clearnet site, raidforums[.]st, and under a new onion.

Extent of the Alleged MININT Data Compromise

To prove its autonomy and retaliate for the arrest of their associates, the group claims to have successfully executed a French government hack, specifically targeting the Ministry of the Interior ("MININT").

Interior Minister Laurent Nuñez said in a statement shared with RTL Radio on Friday that an unnamed attacker had accessed some files during a recent cyberattack targeting its email servers.

New BreachForums post
New BreachForums post | Source: HackManac on X

The post details an extensive exfiltration of sensitive data, challenging official narratives that reportedly limited the incident to email server access. The threat actors allege they have accessed the "TAJ" (Criminal Records Processing) and "FPR" (Wanted Persons) databases, claiming to hold records on 16,444,373 individuals. 

Furthermore, the statement suggests the compromise extends beyond the police files to include INTERPOL's "EASF MI" system, the DGFIP (public finances), and the CNAV (pensions). 

This alleged MININT data compromise represents cybersecurity threats facing sovereign nations, potentially exposing millions of citizens and law enforcement data.

Ultimatum and Cybersecurity Implications

The administrators have issued an ultimatum to the French government, providing a one-week window to establish contact via a redacted method to "negotiate what happens to their files." 

They offer two outcomes: the purchase and subsequent deletion of the data by the government, or the sale of the data to the cybercriminal community to verify the forum's legitimacy. 

This incident underscores the persistent volatility of underground cyber marketplaces and the severe risks posed when these groups target national infrastructure to prove their resilience against law enforcement takedowns. The FBI Internet Crime Complaint Center (IC3) helps report related cyber criminal activity.

About 2.6GB of ‘Relief Database’ allegedly from Interpol was released on BreachForums in February, and a threat actor claimed to leak 1,000 database entries from Interpol in May.

In June, French Police disrupted BreachForums as the U.S. indicted British cyber kingpin "IntelBroker" and four other French hackers, who operated under the pseudonyms "ShinyHunters," "Hollow," "Noct," and "Depressed," were arrested.

In October, the FBI announced seizing BreachForums’ clearnet domain. Administrators ShinyHunters confirmed all database backups since 2023, including escrow records, were compromised during the seizure, but said the takedown would not impact its ongoing extortion campaign against Salesforce. 

Meanwhile, the German government on Friday said Russian nation-state hackers were behind a 2024 hacking incident targeting air traffic control systems, as reported by German public broadcaster Deutsche Welle.

Add a Comment
Related
trojan
FrogBlight Android Banking Trojan Targets Turkish Android Users via Smishing and Fake Government Court File Portals
PayPal Phishing
PayPal Subscription Feature Abused in Sophisticated Phishing Campaign
Phone - People - Age Group - Chat Bubbles
Child Safety: Age Verification Moves From Compliance to Court as Reddit Challenges Australia’s Under-16 Social Media Ban
Server Room - Laptop - Dashboard
React2Shell Now Used for Persistent Server Compromise
Woman - Papers - Charts - Gavel
Former Cloud Platform Manager Charged for Concealing Noncompliance to Secure Army Sponsorship, Raising Federal Security Risks
Hacker - Laptop - Defense
Mikord Data Breach: Claims of Russia’s Military Draft Systems Hack Shared via 'Idite Lesom'
Most Popular
trojan
FrogBlight Android Banking Trojan Targets Turkish Android Users via Smishing and Fake Government Court File Portals
PayPal Phishing
PayPal Subscription Feature Abused in Sophisticated Phishing Campaign
NordVPN Security Audit Shows Ongoing Independent Review
What the Latest NordVPN Security Review Actually Confirms - Everything You Need to Know
Part Human - Part Robot - Hacker - Hands
AI to the Rescue as Attackers Exploit Software Bugs, Human Vulnerabilities, and Artificial Intelligence
Phone - People - Age Group - Chat Bubbles
Child Safety: Age Verification Moves From Compliance to Court as Reddit Challenges Australia’s Under-16 Social Media Ban
Server Room - Laptop - Dashboard
React2Shell Now Used for Persistent Server Compromise
FrogBlight Android Banking Trojan Targets Turkish Android Users via Smishing and Fake Government Court File Portals
PayPal Subscription Feature Abused in Sophisticated Phishing Campaign
What the Latest NordVPN Security Review Actually Confirms - Everything You Need to Know
AI to the Rescue as Attackers Exploit Software Bugs, Human Vulnerabilities, and Artificial Intelligence
Child Safety: Age Verification Moves From Compliance to Court as Reddit Challenges Australia’s Under-16 Social Media Ban
React2Shell Now Used for Persistent Server Compromise

Most Popular
trojan
FrogBlight Android Banking Trojan Targets Turkish Android Users via Smishing and Fake Government Court File Portals
PayPal Phishing
PayPal Subscription Feature Abused in Sophisticated Phishing Campaign
NordVPN Security Audit Shows Ongoing Independent Review
What the Latest NordVPN Security Review Actually Confirms - Everything You Need to Know
Part Human - Part Robot - Hacker - Hands
AI to the Rescue as Attackers Exploit Software Bugs, Human Vulnerabilities, and Artificial Intelligence
Phone - People - Age Group - Chat Bubbles
Child Safety: Age Verification Moves From Compliance to Court as Reddit Challenges Australia’s Under-16 Social Media Ban
Server Room - Laptop - Dashboard
React2Shell Now Used for Persistent Server Compromise
FrogBlight Android Banking Trojan Targets Turkish Android Users via Smishing and Fake Government Court File Portals
PayPal Subscription Feature Abused in Sophisticated Phishing Campaign
What the Latest NordVPN Security Review Actually Confirms - Everything You Need to Know
AI to the Rescue as Attackers Exploit Software Bugs, Human Vulnerabilities, and Artificial Intelligence
Child Safety: Age Verification Moves From Compliance to Court as Reddit Challenges Australia’s Under-16 Social Media Ban
React2Shell Now Used for Persistent Server Compromise

TechNadu keeps you informed with the latest in cybersecurity, VPNs, and technology. From expert guides to in-depth reviews, we provide the knowledge you need to stay secure and connected in the digital world.

© 2025 TechNadu. All Rights Reserved. TechNadu is a part of Leaprove Media LLP.

Close lightbox
Facebook
Twitter
Linkedin
Reddit
Email
Copy Link
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: