Dan Goodin reports:
A website that openly facilitated the brokering of compromised passwords, stolen bitcoins, and other sensitive data has been hacked, exposing login data, IP addresses, e-mail addresses, purchase histories, and private messages for some 500,000 members.
Nulled.io, a hacker forum that used the tagline “expect the unexpected,” was compromised earlier this month in a hack that exposed virtually all of the private data associated with it, security researchers said. As of publication time, more than a week later, the resulting 1.3 gigabyte compressed archive file remained available on a popular data breach sharing site on the clear Web. It was easily accessible to anyone, including hacking victims, fellow hackers, and law enforcement agents. The dump was discovered by analysis firm Risk Based Security
Read more on Ars Technica.