The French police have reportedly arrested 5 operators of the BreachForum cybercrime discussion board, a web site utilized by cybercriminals to leak and promote stolen information that uncovered the delicate info of tens of millions.
Information of the arrests come from Le Parisien, which claims the regulation enforcement operation was carried out by the cybercrime unit (BL2C) of the Paris police division on Monday.
In response to reporters, the police carried out simultaneous raids within the areas of Hauts-de-Seine (Paris), Seine-Maritime (Normandy), and Réunion (abroad).
Throughout this motion, they’ve arrested 4 hackers identified on-line by the handles “ShinyHunters,” “Hole,” “Noct,” and “Depressed.”
For months, rumors circulated that one other well-known menace actor, “IntelBroker,” had additionally been arrested. Le Parisien stories that IntelBroker was additionally arrested by French authorities in February 2025.
The BreachForums hacking boards have gone via quite a few iterations over time however acted as a neighborhood for cybercriminals to commerce, promote, and leak stolen information, in addition to promote entry to company networks and different unlawful cybercrime companies.
In 2023, the unique BreachForums shut down after its operator, Conor Brian FitzPatrick (aka Pompompurin), was arrested.
Quickly after, different menace actors locally launched BreachForums v2, which was led by menace actors referred to as ShinyHunters, Baphomet, and, later, IntelBroker.
The 5 menace actors that have been arrested have been reportedly concerned within the operation of this new launch of the location.
ShinyHunters and IntelBroker have been admins/house owners of the location, and archived posts present Hole appearing as a moderator. It’s unclear what involvement “depressed” and “noct” had within the operation of the location.
These cybercriminals are accused of getting direct involvement in information breaches towards French entities like Boulanger, SFR, France Travail, and the French Soccer Federation.
The assault towards France Travail (previously Pôle Emploi) was notably notable for compromising the delicate particulars of an estimated 43 million people.
IntelBroker rose to notoriety for his involvement in extremely publicized breaches at Europol, Common Electrical, Weee!, AMD, HPE, Nokia, and Cisco. Nevertheless, the menace actor entered the highlight after breaching DC Well being Hyperlink, the group that administers the well being care plans of U.S. Home members, their workers, and their households.
ShinyHunters is probably the most infamous amongst these arrested, because the alias has been linked to a number of high-profile information breaches and assaults, together with these towards Salesforce and PowerSchool, and the SnowFlake assaults, which impacted Santander, Ticketmaster, AT&T, Advance Auto Elements, Neiman Marcus, and Cylance.
The ShinyHunters menace actors have additionally been concerned in a big quantity breaches in 2025, with the group believed to encompass a number of menace actors working underneath the identical title.
BreachForums v2 went offline in April 2025 after the location was allegedly breached by a MyBB zero-day vulnerability. The discussion board by no means returned on-line.
BleepingComputer has contacted the Paris police and ANSSI to touch upon the validity and accuracy of the stories, however now we have not acquired a response but.
Patching used to imply complicated scripts, lengthy hours, and limitless hearth drills. Not anymore.
On this new information, Tines breaks down how fashionable IT orgs are leveling up with automation. Patch sooner, scale back overhead, and concentrate on strategic work — no complicated scripts required.
