Sensitive information about millions of convicted criminals has just been leaked online.
This Wednesday, cybersecurity researchers from Malwarebytes published a blog post detailing that a group of cybercriminals leaked a database containing the criminal records of millions of Americans. The database is said to contain 70 million rows of data.
Given the way Malwarebytes worded the announcement, we can assume that the researchers did not have direct access to this database. Yet it was said to contain people’s full names, dates of birth, known aliases, mailing addresses, dates of arrest, dates of conviction, sentences and more.
Construction of a new leak location
The database is fairly new and contains data generated between 2020 and 2024. Each row represents a single crime, and not a record of all crimes a person may have committed, Malwarebytes’ Pieter Arntz confirmed. Tom’s guide.
The data was leaked by two well-known cybercriminals: EquationCorp and USDoD.
According to the researchers, the latter is a ‘high-profile player’ in the field of data breaches, reportedly closely associated with Connor Fitzpatrick, alias Pompompurin.
For those who haven’t been paying attention, Pompompurin was the owner and main administrator of BreachForums, the world’s most popular underground forum for sharing stolen and leaked data, malware and other warez. The forum was recently dismantled and Fitzpatrick was arrested.
Malwarebytes claims that USDoD is planning to build a new leak forum, similar to BreachForums, and that releasing this data could be a PR stunt to attract attention and generate interest in the new site.
At this time it is unknown from whom the hackers stole this data, when and how.
In any case, our American readers with a criminal history should pay attention to the emails they receive, especially if they mention criminal convictions, contain attachments and links, or demand urgent action. Hackers are likely to abuse the database in phishing and social engineering attacks.