Site That Disclosed Major Security Breaches Shut Down In Raid

According to recent reports online, see one here from the Register, the LeakedSource data breach aggregator and look-up service has been taken offline by what is thought to have been a police raid.

The site uncovered a number of high-profile data leaks, including 85.2m records from Dailymotion, 32m Twitter accounts and 43m from Weebly, but had been widely criticised for disclosing account details rather than informing users directly.

While no official statement has been made, a Pastebin post – lifted from this forum thread (login required) – made shortly after the takedown claims the site has been raided and all of its hosted data has been seized by law enforcement agencies. Ilia Kolochenko, CEO of Web Security Company at High-Tech Bridge commented below. 

Ilia Kolochenko, CEO of Web Security Company at High-Tech Bridge:

“All the circumstances are not clear yet, however the shutdown is not a big surprise. Despite the good faith declared by the resource, it was aggregating personal data of data breach victims, initially obtained in a criminal or unlawful way. Nevertheless, the resource was also serving a public interest by providing people with information if and how their data had been compromised.

In the epoch of upcoming GDPR enforcement, existence of similar public services is very unlikely. It’s difficult to say if the shutdown will bring more good than harm, however some negative consequences are foreseeable. Now cybercriminals will create alternatives in the Dark Web, precluding victims and law enforcement from tracking and investigating new data breaches. Probably a government should create a similar resource, but without exposing personal data to everyone – people should be eligible to know if their data is stolen and may be used against them.”