BigFooty

BigFooty, Australia's largest Australian Rules Football fan forum, suffered a massive data breach exposing approximately 70 million records including private messages, user profiles, and forum posts.

What Happened

A database belonging to BigFooty was compromised and leaked, exposing approximately 100,000 user accounts and 70 million forum records including posts, private messages, and user data. The breach included usernames, email addresses, passwords (some hashed, some in plaintext), dates of birth, and IP addresses.

The 70 million figure represented the total database records including forum posts, private messages, and other forum content accumulated over years of operation. While the number of individual users was around 100,000, the historical archive of communications was substantial.

Impact on Individuals

Forum members faced multiple risks: compromised email addresses and passwords could enable account takeovers on other services if passwords were reused. The exposure of private messages violated expectations of privacy in what users believed were confidential conversations. IP addresses could reveal users' locations or identities.

For a sports forum, the exposure might seem less critical than financial data, but private messages could contain personal discussions, and associating real identities with controversial forum posts could cause embarrassment or reputational harm.

Organisational Response

BigFooty addressed the security breach and likely required password resets for affected accounts. The incident demonstrated that even community forums need robust security measures to protect users' personal information and communications.