Data Security OnlyFans user data advertised on cybercrime forum, seller claims no direct breach May 26, 2026 Share By SC Staff (Adobe Stock) A threat actor is advertising a large database purportedly containing information on hundreds of millions of OnlyFans users, including creators and subscribers. However, the seller claims the data was compiled from previous leaks and public sources, not a direct breach of OnlyFans systems, based on information published by HackRead. A user on a cybercrime forum is selling a database of 340 million records allegedly linked to OnlyFans users for approximately $76,000. The advertised data includes usernames, names, email addresses, phone numbers, and account activity. Initially, the listing suggested a direct breach or scraping of OnlyFans. However, the seller clarified that the database was assembled by combining information from prior data leaks, including those from Twitter, Instagram, and Spotify, with publicly available data and matching it to OnlyFans users. Sample data reviewed showed incomplete records and formatting inconsistent with typical platform databases. While some usernames and linked details were verified against public OnlyFans profiles, the authenticity of payment card information remains unconfirmed. The aggregation of this data poses risks of phishing, blackmail, and harassment for both creators and subscribers, highlighting a trend of threat actors creating searchable identity databases by merging old breach data with public information. Source: HackRead SC Staff Related Data Security Trump Mobile confirms exposure of customer data SC Staff May 22, 2026 Chris Walker, a spokesperson for Trump Mobile, stated that the company is investigating the exposure and has not found evidence of financial information being compromised. Data Security Wahlap data leak exposes 18.9 million records from WeChat mini-program ecosystem SC Staff May 21, 2026 Security researchers discovered an open Elasticsearch instance belonging to Wahlap, a prominent arcade game manufacturer that collaborates with industry giants like Sega. Data Security Carding forum B1ack’s Stash releases millions of stolen credit card records SC Staff May 20, 2026 The released data is unusually comprehensive, including full card numbers, expiration dates, CVV2 codes, cardholder names, billing addresses, email addresses, phone numbers, and IP addresses. Related Events Cybercast Beyond the Hype: The Cybersecurity Trends CISOs are Keeping an Eye on in 2026 On-Demand Event Cybercast Beyond the data perimeter: Why next-generation DSPM is the foundation for modern data security On-Demand Event Virtual Conference Securing the Future of Finance: Strategies to Counter Modern Cyber Threats On-Demand Event Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Bit Block Cipher Byte Ciphertext Cryptographic Hash Functions Data Aggregation Data Encryption Standard (DES) Decryption Diffie-Hellman Digital Signature You can skip this ad in 5 seconds