UK Dirt

We've been tracking an uptick in credential stuffing attacks targeting smaller, niche online communities. What really struck us about this particular incident wasn't the scale—just under 9,000 accounts—but the age and persistence of the data. It highlights the long tail of risk associated with older breaches, and how even seemingly insignificant datasets can resurface years later to fuel new attacks. The fact that this breach, dating back to **December 2015**, is still circulating underscores the need for continuous monitoring and proactive password resets, even for services that may seem low-value.

UK Dirt Breach: Eight-Year-Old Credentials Still in Circulation

The breach at **UK Dirt**, an online community focused on demolition derby and banger racing, exposed 8,694 user records. While the community itself may be relatively obscure, the re-emergence of these credentials nearly a decade later presents a tangible risk. We discovered the database while monitoring a known credential stuffing source on a popular hacking forum. The data had been circulating quietly, but we noticed it due to the cleartext passwords included; an increasingly rare, but still dangerous, find.

This breach caught our attention for a few key reasons. First, the database contained both email addresses and plain text passwords. Second, the age of the breach—nearly a decade old—suggests that many users may have reused these credentials on other, more critical platforms. Finally, the niche nature of the forum highlights the fact that even smaller websites can be attractive targets, either for direct exploitation or as sources of credentials for broader attacks. It matters to enterprises now because it serves as a stark reminder of the lasting impact of data breaches and the importance of proactive security measures, particularly around password hygiene.

• Total records exposed: 8,694
• Types of data included: Email Addresses, Passwords (plain text)
• Source structure: Database dump
• Leak location: Hacking forum
• Date of first appearance: December 19, 2015 (date of breach), recent re-emergence on hacking forum.

While there's been no mainstream media coverage of this specific breach, the issue of plain text passwords being stored by websites is a well-documented problem. Security researcher Troy Hunt has repeatedly highlighted the dangers of this practice on his blog and in presentations at security conferences. He runs Have I Been Pwned? where users can check if their email address or password has been compromised in a data breach. The UK Dirt breach has been added to the HaveIBeenPwned database.

Discussions on various security forums often emphasize the importance of using password managers and unique passwords for each online account. The re-emergence of breaches like this one serves as a concrete example of why these recommendations are so crucial.