In a coordinated international operation, law enforcement agencies led by the US Federal Bureau of Investigation (FBI) and Europol have successfully taken down LeakBase, one of the internet's most notorious cybercrime forums. The takedown, executed on March 3 and 4, 2026, involved synchronized actions across 14 countries.
The forum, which had amassed more than 142,000 members and hosted over 215,000 messages, served as a major hub for hackers to buy and sell stolen personal data, financial credentials, and cybercrime tools. FBI Cyber Division Assistant Director Brett Leatherman stated that the operation seized "users’ accounts, posts, credit details, private messages, and IP logs for evidentiary purposes." Authorities replaced the site with seizure banners and issued prevention notices to its members.
Enforcement actions, including the execution of search warrants and arrests, were carried out in the United States, Australia, Belgium, Poland, Portugal, Romania, Spain, and the United Kingdom. Assistant Attorney General A. Tysen Duva of the Justice Department’s Criminal Division emphasized that "the takedown of this cyber forum disrupts a major international platform that cybercriminals use to obtain and profit from the theft of sensitive personal, banking, and account credentials."
The news highlights a broader context of rising cyber threats against the cryptocurrency industry. While LeakBase itself was not specifically crypto-focused, its predecessor, Raidforums (shut down in 2022), previously hosted leaked data containing personal information of approximately 272,000 users of crypto wallet firm Ledger. Over the past year, the sector has seen an increase in leaked exchange credentials, insider data exposure, and social engineering attempts.
Notable incidents cited include a May 2025 breach where cybercriminals bribed overseas contractors to access Coinbase's internal systems, and the leak of nearly 60,000 Bitcoin addresses tied to the LockBit ransomware infrastructure. More recently, on February 23, a crypto trader reported an extortion attempt by a former Revolut employee threatening to expose personal information.
