ThinkingOne

Aw, I missed this one!

I think that the term "[Fresh]" is legally defined as "Anything created at least 15 years ago".

This comes from the old consumer database that was on archive.org about 10 years ago. It is from July, 2009.

What you found is not bank data leaks, it's old (dating back to around 2007-2009, none later than around 2015 "PayDay loan leads".

Some of these are sketchy, from scammy websites claiming to send your payday loan request to various lending companies (but probably not actually doing that). In most cases, they have been "re-hashed" where a true scammer takes the data and manipulates it to appear fresh (at the very least, they will remove/replace any fields with dates in them). Each time the data gets rehashed, it gets a bit farther from what the user originally entered. If you're a boomer, it's like xeroxing xeroxes.

The rest are nearly entirely fictional, where an even more seasoned scammer gets the help of a programmer to take old, crappy non-payday leads (again, 2007-2015 era) and decide where these people worked, how much they got paid, etc. So you'll find the CEO of Target asking for a $300 payday loan. Apparently from a great payday loan company, since the COO, CFO, and President also are asking for tiny payday loans.

I know, I know, you're going to tell me you got these from some guy that told you they were "FRESH!". But those that know me know my offer: feel free to send me some samples and I can go into more details, or test me (e.g. send some fields and I can fill in the rest).

If I had to guess without a sample, I'd say that Tina, who actually did once work at Walmart, wants $300. If so, the freshest data in your file is over 10 years old.

... so the taxing authority in India stores their data with ages, not DOBs?

For those that are curious (few ever are!), this is from around March 2023. The original also had a Referral URL field, Completed Referrals Count, and had some test accounts that were removed for this one.

This appears to be the same data that @AMG was selling...

There are 2 pieces to the Breach/Raid Forums admin puzzle: Operating the site, and participating in it.

In the U.S., it would likely be hard to get prison time for someone running RF/BF/BS. I haven't seen any laws banning it, and Section 230 would be a great first defense.

They went after Omnipotent and Pompompurin with hacking laws and "access devices" laws (I.E. passwords). That's because both ran a "middleman" service, hacked themselves, and/or sold data obtained from hacking.

So if someone was smart and wanted to, they could carefully (as in, follow the advice of a lawyer) run a site like BF and stay out of prison. Very risky, of course ("winning" a criminal case against you can have huge costs, ranging from dollars to reputation, to years of stress until the final verdict). Making money would be the hard part (e.g. if you sell credits so people can download "access devices"=passwords).

Not legal advice to anyone, but something I've thought a fair bit about (I would never run a forum like this, just curious about the law).

@swag My bad, sorry!

Well maybe the AI running the website saw that you wrote "[FREE]" and so it helped you by letting people get it for free, even though you accidentally tried to set it up so people would have to pay credits.

Curious as to how this is private. Over 99% of the email addresses appear in list of emails compiled by Addka72424, which I believe was based on public leaks.