HomeIntelligenceBrief
BREACH BRIEF🟠 High Breach

340M OnlyFans User Records Leaked and Put Up for Sale

A hacker is offering a 340 million record database from OnlyFans, linking creators and subscribers to real identities using old leaks and public data. The exposure threatens personal privacy and highlights the need for rigorous third‑party risk controls on subscription‑based SaaS platforms.

LiveThreat™ Intelligence · 📅 May 26, 2026· 📰 techrepublic.com
🟠
Severity
High
BR
Type
Breach
🎯
Confidence
High
🏢
Affected
3 sector(s)
Actions
3 recommended
📰
Source
techrepublic.com

340M OnlyFans User Records Leaked and Put Up for Sale

What Happened — A hacker advertised a database containing approximately 340 million records from the OnlyFans platform, claiming the data combines old leaks and publicly scraped information to map creators and subscribers to real‑world identities. The dataset is now listed for sale on underground forums.

Why It Matters for TPRM

  • Exposure of personal and financial details can lead to extortion, fraud, and reputational damage for both creators and subscribers.
  • Third‑party risk managers must assess the security posture of subscription‑based SaaS vendors handling sensitive user data.
  • Large‑scale data leaks increase the likelihood of downstream attacks against partner organizations that integrate with the platform.

Who Is Affected — Adult‑content creators, subscribers, and any downstream services (payment processors, marketing partners) that rely on OnlyFans data.

Recommended Actions

  • Review contractual security clauses with OnlyFans or any similar content‑hosting SaaS providers.
  • Verify that the vendor employs strong credential hygiene, MFA, and continuous monitoring.
  • Conduct a risk assessment for any internal processes that ingest or store OnlyFans user data.

Technical Notes — The leak appears to be a result of credential compromise combined with aggregation of previously public dumps. No specific CVE was cited. Exposed data includes usernames, email addresses, payment details, and real‑world identity mappings. Source: TechRepublic Security

📰 Original Source
https://www.techrepublic.com/article/news-onlyfans-340m-database-sale/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · SOC 2 Readiness

Access is where most audits get tested.

Verisq AI Trust Operations maps incidents like this to your access controls and collects the evidence continuously, keeping your SOC 2 posture defensible.

See where you'd stand with Verisq AI Trust Operations →