Data of 340 million OnlyFans users put up for sale on the dark web

A threat actor has put up for sale the information of as many as 340 million OnlyFans users for 0.313 BTC, or £17,637, on a popular cyber crime forum.

 

The threat actors, who uses the alias "Euphoric_Reply_5727" on the forum, advertised the massive user database on the cyber crime forum earlier this week. They claimed that the user database was obtained from OnlyFans internal systems and contained users’ personal information, account activity and payment-related information. 

 

As per the threat actor’s claims, the database on sale also contained OnlyFans users’ usernames, names, contact details such as phones numbers and email addresses, linked social media profiles as well as their OnlyFans usage statistics such as the number of followers, the number of likes, and details of uploaded content. 
 
OnlyFans is a popular subscription-based social media platform headquartered in London. The platform, which boasts more than 370 million subscribers globally, lets content creators share exclusive images, videos and livestreams with paying subscribers. Creators set a monthly subscription price and keep 80% of their earnings, with the rest of the money going to the platform.

 

According to HackRead which broke the news, the threat actors stated that they did not directly hack OnlyFans or breach any of its online databases, but compiled data from older breaches and leaked databases with information of active OnlyFans users. 

 

The compilation enabled the threat actor to link people’s social media accounts with their personal information, enabling anyone with access to the database to easily ascertain the real identities of millions of OnlyFans users. It is unclear whether the hacker has been able to find a buyer for the database so far.

 

"Correlating usernames, emails, phone numbers, and social media accounts can expose creators and subscribers to phishing campaigns, blackmail attempts, stalking, impersonation, and targeted harassment," HackRead said.

 

In January, the login credentials of OnlyFans users were found by cyber security researcher Jeremiah Fowler in a publicly exposed database that contained close to 150 million login credentials for popular social media and online platforms like Gmail, Facebook, Yahoo, Outlook, and more.

 

Fowler said the exposed dataset included 48 million Gmail accounts, 4 million Yahoo accounts, 17 million Facebook accounts, 6.5 million Instagram accounts, 3.4 million Netflix accounts, 1.5 million Outlook accounts, 1.4 million .edu accounts, along with many others. 

 

“The exposed records included usernames and passwords collected from victims around the world, spanning a wide range of commonly used online services and about any type of account imaginable. 

 

“These ranged from social media platforms such as Facebook, Instagram, Tiktok and X (formerly Twitter), as well as dating sites or apps, and OnlyFans accounts indicating login paths of both creators and customers. I also saw a large number of streaming and entertainment accounts, including Netflix, HBOmax, DisneyPlus, Roblox, and more,” he added.