BolsaPHP
Breach Details
Description
We've been tracking a resurgence in older breach datasets appearing on underground forums, often repackaged and sold as "new" combolists. What initially seemed like just another dump of credentials took a more concerning turn when we traced it back to a 2018 breach of **BolsaPHP**, a Spanish online trading simulator. What really struck us wasn't the volume of the leak – just under 30,000 records – but the targeted nature of the platform and the implications for financial sector targeting. The data had been circulating quietly, but we noticed a recent spike in mentions across several hacking forums, suggesting renewed interest from threat actors.
BolsaPHP Leak: 28k Accounts Resurface in Combolist
The **BolsaPHP** breach, originally reported in August 2018, has resurfaced in the form of a combolist on a prominent hacking forum. Discovered during routine monitoring of these forums, the dataset immediately caught our attention due to the sensitive nature of the platform – an online trading simulator likely used by individuals learning about or interested in financial markets. The re-emergence of this data suggests that older breaches continue to provide value to attackers, particularly when targeting specific demographics or industries. This highlights the enduring risk posed by legacy credentials.
Key point: Total records exposed: **28,428**
Key point: Types of data included: **Email Addresses**, **Password Hashes (MD5)**
Key point: Sensitive content types: None explicitly, but inferred interest in financial trading.
Key point: Source structure: Likely a database export.
Key point: Leak location(s): Popular hacking forum.
Key point: Date of first appearance: **August 26, 2018** (original breach), recently resurfaced
The original breach was reported on several security websites at the time, though it didn't gain widespread attention. A search reveals mentions on smaller Spanish-language tech news sites, confirming the 2018 timeframe. The use of **MD5** hashing, while common in 2018, is now considered highly insecure, making password cracking relatively straightforward for attackers with sufficient resources. The combination of financial interest and weak hashing algorithms makes this data particularly valuable for credential stuffing attacks targeting financial institutions and related services.
Leaked Data Types
Email · Address · Password · Hash
Impact Score
Based on data sensitivity, breach size, and recency
Estimated Financial Impact
This is an estimate based on potential fraud, phishing, and data misuse. Not all users will be affected.
/includes/qr-code.png)