Massive Onlyfans Data Sale Raises Eyebrows, Sparks Cybersecurity Fears

The Alleged Data Leak: Fact or Fiction?

A storm is brewing over the digital horizon as a threat actor, under the alias 'Euphoric_Reply_5727,' puts up an alleged OnlyFans-linked database for sale. The data, supposedly containing a staggering 340 million user records, is being offered for 0.313 BTC. Hackread, who first broke this story on May 25, 2026, notes that the database advertises data from both creators and subscribers alike.

The narrative is already spinning wild tales, with claims suggesting OnlyFans has been directly hacked. A post on Binance Square even went as far as to label the incident as "OnlyFans HACKED," asserting that the platform's entire database is on the market.

“The evidence suggests a murkier tale of cybercrime, where recycled data meets public information,” explains a cybersecurity expert.

Unraveling the Cyber Crime Web

Hackread's investigative deep dive reveals that the seller originally claimed the data was extracted from internal OnlyFans databases. However, a later confession in a Telegram chat unveiled a different story – the dataset was constructed by piecing together older leaks and publicly available profile information.

This revelation may reduce the likelihood of an actual breach, but it doesn't cancel out the peril. The cobbled-together data, if leveraged skillfully, could facilitate phishing, blackmail, doxxing, and impersonation schemes.

Data Ramifications: Real Threats and Concerns

Hackread examined the sample data, discovering usernames, email addresses, phone numbers, and other sensitive details. There was even a tantalizing 'card' field, rumored to include the last four digits of payment cards, though its authenticity remains unverified.

Despite some incomplete fields and placeholder values, which cast doubt on the database's legitimacy, the potential for misuse remains significant. For many OnlyFans users, the risk of exposure carries significant weight, given the platform's nature. Creators could face impersonation or financial fraud, while even a hint of association can lead to extortion for subscribers.

Ultimately, the public awaits confirmation of any new breach tied to this dataset. Meanwhile, the tale underscores a critical point: whether real or reconstructed, the threat to potential victims looms large in the shadow of the next cyberattack.