Two days ago, a group of hackers managed to breach servers of Freedom Hosting II a popular web hosting service by DarkWeb.
Unsurprisingly, the hackers weren't satisfied with just replacing 10.613 websites with one that said “Hello, Freedom Hosting II, you have been hacked” but they also hijacked the bases data of the Web Hosting service.
All data is already online.
According to Troy Hunt, who runs the popular service Have I Been Pwned?, the data dump includes email details from 381.000 users.
Since Freedom Hosting II was a very popular service for those involved in the creation and distribution of child pornography, many of the addresses as well as the messages e-mail will probably "burn" a lot of people.
Almost 21 percent of these addresses also existed in previous violations that have passed to the Have I Been Pwned database indicating that many of these are real addresses that some people use on a daily basis.
In a tweet, Troy Hunt said there were "thousands" of .gov emails, adding that "how many are real and for what purposes they are used is another matter."
Thousands of .gov emails. How many are real and what purposes they were being used for is another issue. https://t.co/31fQoWG4qj
- Troy Hunt (@troyhunt) February 5, 2017
In addition to user information, leakage also contains backups of webpages, many of which were using free content systems such as WordPress and PHPBB. According to Hunt, almost half of the websites present in leaked data are reported to contain illegal content of child pornography.
The rest of the content is forged websites used for phishing, hacking forums, personal blogs, and Bitcoin escrow services.
According to Hunt, the data leaked from Freedom Hosting II is almost certainly in the hands of law enforcement. So it seems inevitable that in the coming weeks, some will hear a hit on their doors.