Breach Notification Website LeakedSource Allegedly Raided By Feds

Breach notification service LeakedSource may be permanently shut down after the owner of the site was raided earlier this week. "At the start of the new year, LeakedSource indexed more than 3 billion records," reports CSO Online. "Their collection is the result of information sharing between a number of sources, including those who hacked the data themselves. Access to the full archive requires a membership fee." From the report: On the OGFlip forum Thursday, a user posted vague details about the LeakedSource raid, but Salted Hash has been unable to verify the claims. The U.S. Department of Justice will not comment, refusing to confirm or deny any investigations related to LeakedSource. The operators of the notification service itself have been offline for several days, and the LeakedSource website stopped working late Tuesday evening. The message from OGF reads as follows: âoeLeakedsource is down forever and won't be coming back. Owner raided early this morning. Wasn't arrested, but all SSD's got taken, and Leakedsource servers got subpoena'd and placed under federal investigation. If somehow he recovers from this and launches LS again, then I'll be wrong. But I am not wrong. (sic)"

Re: firstpost

[Anonymous Coward]

Oh, knock it off.

As for the actual issue, this seems like it's the work of trolls. I may be wrong, but it looks suspicious to me. Here's another link on the topic, with more information: http://www.zdnet.com/article/breach-site-leakedsource-raided-by-feds/ [zdnet.com]

If the owner wasn't arrested, it should be possible to confirm that the site isn't coming back or to make some sort of statement. Also, the note makes me very suspicious. Consider this: if I start a statement by saying, "I'm not racist, but...," it usually

Re:

[AmiMoJo]

Can someone explain why the feds would want to shut this site down? As far as I can tell from TFA and google, it seems that it merely collected leaked data sets and provided notifications to users when their data was being published or sold somewhere.

Re:

[Anonymous Coward]

Forget about 'sounds':

https://arstechnica.co.uk/secu... [arstechnica.co.uk]

If this article is true I can't side with them at all. And I'm having a really hard time understanding the apologetics who think what they've done is legal or should be legal. You can provide awareness that a breach has occurred without actually storing the stolen data. If it's a database of user names and encrypted passwords for instance, trying to generate the plain-text passwords is plainly malicious, and why are you holding the encrypted pas

Troy Hunt's comments on this

[davecb]

https://www.troyhunt.com/thoug... [troyhunt.com]

Not surprised, LeakedSource seemed rotten

[Anonymous Coward]

Not surprised they got raided. LeakedSource always seemed to give me a sort of rotten vibe, that something was off. The fact they wanted money upfront and seemed to be double-dealing made me wonder about them. At least Troy Hunt's alternative is both free and seems way more legitimate, if not as comprehensive.

Slashdot Afraid to Post?

[BoRegardless]

Feds got your tongue?

Bullshit reporting

[Anonymous Coward]

So a journalist published an article based on a forum post and pastebin link... that sounds about right... modern-day media... go figure. No wonder the term fake news exists.

Re:

[Anonymous Coward]

You make it sound like the EPA is a good thing. As long as they are a proxy for Agenda 2030 they are NOT a good thing.

Second you don't encrypt jack shit when you work for the EPA. You are going to use the software the agency gives you to use. it actually sounds more to me, like you don't know jack shit about Federal Government employee SOP's.

TSP boys have the tops rolling, getting ready to POP AX on muh G fyund bytchez..

what you mean 60+ fool

Third the 60- crowd can't engineer their way out of a w

Backup backup backup

[Bruce66423]

The main moral to take from this story is that if you are going to upset people who have legal powers, make sure that your data is held in a way that is beyond their powers to get at. One of the more interesting possibilities lies in the 'Principality of Sealand' - https://en.wikipedia.org/wiki/... [wikipedia.org] whose legal status is... interesting. If your data was there and you upset Uncle Sam enough, would he try to invade - and would the UK let him!!

Re:

[geekmux]

...If your data was there and you upset Uncle Sam enough, would he try to invade - and would the UK let him!!

HavenCo has a rather interesting history of trying to host a data center there...

Re:

[coofercat]

Sealand might be a possible replication destination, but I doubt you'd want to actually host there for a number of reasons:
1) It's dependent on the UK mainland for just about everything (including an internet connection)
2) If it becomes too much of a problem for the UK government (or their puppet master, like the US), then there'll be an industrial accident where a container ship bumps into it, or the navy dives under it and damages it, or just straight-out blows it up and claims it was a natural disaster o

What a stupid article

[kronix1986]

This "breach notification site" SOLD password caches to third parties - and even cracked the password hashes before selling them. Why doesn't the summary mention this? This site sold people's credentials passwords to spammers, fraudsters and other malicious actors: https://arstechnica.co.uk/secu... [arstechnica.co.uk]