Good luck keeping the past hidden now—a significant database breach exposed the criminal records of millions of Americans online.

📷  Sora Shimazaki / Pexels

There is bad news for Americans who want to get behind their unlawful pasts: sensitive data on millions of convicted offenders has been leaked, according to researchers.

In a blog post, Malwarebytes describes how a group of hackers exposed a database believed to have 70 million rows of data, which included the criminal histories of millions of Americans.

We can infer that Malwarebytes’ researchers did not have direct access to this database based on the language used in the statement. Nevertheless, it was said to include details such as full names, birth dates, postal addresses, known aliases, dates of arrest, dates of conviction, sentences, and more.

Developing a new leak site

The database, which contains information created between 2020 and 2024, is relatively new. A single felony is represented by each row; it is not a list of all the crimes a person may have committed.

EquationCorp and USDoD, two well-known cybercriminals, released the data.

The researchers claim that the latter is a “high-profile player” in the world of data leaks and that Connor Fitzpatrick, also known as Pompompurin, is intimately connected to him.

In case you missed it, Pompompurin was the proprietor and chief administrator of BreachForums, which is the most well-known underground site worldwide for exchanging malware, stolen and leaked data, and other pirated files. Fitzpatrick was recently taken into custody and the forum dismantled.

According to Malwarebytes, USDoD intends to create a new leak forum like BreachForums, and making this data public may be a publicity gimmick to generate interest in the new website.

It is currently unknown when, how, or from whom the hackers obtained this material.
Regardless, our American readers who have a criminal record ought to be cautious about the emails they receive, particularly if they cite prior convictions, provide attachments or links, or require immediate action. The database will probably be used by hackers for social engineering and phishing scams.