The leak, published by a user named "James" and linked to the group (who later denied direct involvement), contained a full MyBB forum database dump.
Always run any downloaded .exe or executable script through VirusTotal before running it. beastforum archive patched
The initial SQL dump contained unsalted MD5 password hashes. Malicious actors used these to reverse-engineer plaintext passwords for former members, many of whom reused credentials on crypto exchanges and email accounts. When the forum's former administrators became aware of this, they (or an unknown third party) released a "patched" version of the dump where all email addresses and password hashes were zeroed out. Downloading the pre-patch archive became impossible as original sources re-uploaded sanitized versions. The leak, published by a user named "James"