Unlock Exclusive Cyber Threat Intelligence
Powered by DarkWebInformer.com
Foundational access to breach intelligence. Track breaches, leaks, and threats in real time with high quality screenshots and concise expert summaries.
Continuously updated breach reports and threat summaries.
Daily breach, leak, and DDoS alerts.
Live tracking with JSON export.
Direct access to claims and posts.
Concise summaries of DDoS, defacements, and breaches.
Verified index of dark web sites and services.
Live status of 500+ sites.
Integrated checks inside breach posts.
Uncompressed, watermark free evidence.
Browser alerts for tracked terms.
Stay in the loop across channels.
Verified PGPs for ransomware and threat groups.
🏢 What Happened
A threat actor known as 888 has advertised the sale of data allegedly taken from LeaseHawk, a U.S.-based company providing multifamily software and leasing solutions.
The breach is claimed to expose 222,700 unique user emails, along with detailed records such as event types, page visits, IP addresses, phone numbers, guest card IDs, transcripts, and email communications.
⚠ Disclaimer
This report may include screenshots and/or text that may include unredacted personally identifiable information (PII) gathered from publicly available sources. The sensitive information is presented solely for cybersecurity awareness and threat intelligence purposes.
📌 Overview
On September 2, 2025, threat actor 888 posted on a dark web forum claiming responsibility for the LeaseHawk breach.
The actor’s forum post included:
- ~222,700 unique user emails
- Event logs and session metadata
- IP addresses and phone numbers
- Guest card IDs and transcripts
- Email communications and CRM data
📊 Key Details
| Attribute | Information |
|---|---|
| Date | 2025-09-02 |
| Threat Actor | 888 |
| Victim Country | 🇺🇸 USA |
| Industry | Software Development |
| Victim Org. | LeaseHawk |
| Victim Site | leasehawk.com |
| Category | Data Breach |
| Severity | Medium |
| Network | openweb |
