Have you ever stolen data, traded a hacking tool, or just lurked on a dark web forum believing that you are anonymous?

If so, I might have some unsettling news for you - because, on January 9 2026, it was revealed that one of the world's most notorious cybercriminal marketplaces has had its entire user database breached and made available for anybody to download.

The leak, published on a website named after the ShinyHunters hacking and extortion gang, includes records for some 323,986 Breachforums users, exposing their usernames, email addresses, password hashes, and IP addresses.

Ironically, it's precisely the kind of data that hackers using BreachForums have been trading in for years.

Whether you call this an embarrassing data breach, or just call it karma, many people who have fallen victim of cybercriminals and identity thieves will find it hard not to break into a wry smile upon hearing that - for once - it is the hackers who have been hacked.

As a Resecurity blog post details, the leak was accompanied by a bizarre and somewhat rambling manifesto from someone calling themselves "James".

The lengthy message (which continues for over 4,400 words) begins:

I've been called the most brilliant hacker of my generation. It is an inaccurate statement. I transcend generations And I am not a hacker. I am a predator.

For decades, I have stalked, penetrated and raped systems of power. I have traumatized legions of secret agents, cybersecurity experts, CTOs, PR officers.

Smelling their blood, tracing their paths, I have found their refuges, shred their protections and broken their defences into pieces.

When they entertained the illusion of resistance, I garnered companions, mustered them, brought them together, so to create forces no human organisation could oppose.

In the course of those journeys certain substantial elements became my closest companions.

Google, Microsoft, FBI... my dearest preys. I present myself to you undefeated.

James's diatribe names and shames various alleged cybercriminals, revealing what he claims to be their real identities. Some of those named appear to have been previously connected with the ShinyHunters and GnosticPlayers hacking groups.

What isn't clear is quite what role "James" plays in the whole affair. Is he a disgruntled insider, a rival hacker, or someone with entirely different motivations? What is apparent is that some individuals will now feel an uncomfortable spotlight has been focused upon them.

And the exposed database could help law enforcement agencies around the world uncover new leads that could assist with cybercriminal investigations.

In short, if you are one of the criminal users of BreachForums you may be sleeping rather less soundly in your bed tonight.

It's not unusual for us to warn internet users of the challenges in keeping their identities truly anonymous online, due to just how easy it is to make a mistake, or leave a clue that could unravel your identity. Today, some of the very same cybercriminals who steal and trade identities are waking up to the fact that might be just as much as risk.