LeakedSource goes offline after police raid

US authorities take down website selling three billion user names and passwords

US authorities have raided and taken offline the notorious LeakedSource website, which sold subscription access to more than 3.1 billion stolen account credentials. The raid happened overnight with the website remaining unaccessible this morning.

It was followed by an online posting to the OGflip market-trading forum - since removed - that claimed that the website had been raided, and its servers and storage removed by subpoena.

The posting, though, has since been put up on Pastebin.

"Leakedsource is down forever and won't be coming back. Owner raided early this morning. Wasn't arrested, but all SSD's got taken, and Leakedsource servers got subpoena'd and placed under federal investigation.

"If somehow he recovers from this and launches LeakedSource again, then I'll be wrong. But I am not wrong," claimed the OGflip user, going by the handle LTD.

The raid follows mounting speculation over the future of the high-profile site, which offered subscriptions to a vast database of stolen passwords, which the website itself gleaned from various sources on the so-called "dark web".

While some people argued that the site merely traded in what had become publicly available data, and was covered by the US First Amendment protecting free speech, the site was quick to remove credentials when threatened with legal action. LinkedIn, for example, persuaded LeakedSource to remove 117 million stolen user names and passwords in this way.

The site had also hosted hundreds of millions of account credentials for Yahoo, Ashley Madison, FriendFinder.com and Last.fm, among many others. Many of the credentials, though, were old and out-of-date.

The site had gained notoriety for the speed with which it acquired stolen credentials, the volume of credentials it offered, and the subscription-based business model, providing access from between $2 a day to $265 a year. Its database, while huge, was also fast and relatively user friendly, unlike many alternative websites.

And it is not the only stolen password emporium. Such sites as Leakbase and "Database Search" are still going, although they are not nearly as comprehensive or fast as LeakedSource.