MYM.fans, a France-based creator subscription-content platform operating as a regional OnlyFans-equivalent, suffered a data breach that surfaced publicly in November 2025 when a user named 'esther' posted the dataset on the breach-trading forum Leakbase.la. According to subsequent reporting, the leaked data may have originated from a 2021 source compromise of the MYM platform's databases, totaling approximately 1.81 gigabytes including SQL tables for distinct creator and subscriber populations. The DataBreach.com summary attributes the original compromise vector to a social-engineering attack on a Creator.io employee. MYM.fans has not publicly detailed the original incident.

The breach affected approximately 5.2 million unique user records based on records indexed by breach-tracking services, with the original Leakbase posting describing a 5.5 million-line text file. Compromised fields included email addresses and, according to forum reporting and security-research analyses of the leaked file, also included full names, physical addresses, phone numbers, and IP addresses for affected users. The dataset structure suggests it represents a complete user-database dump rather than a partial extract, including both subscriber and creator accounts.

For affected users, the practical risk profile combines identity-fraud exposure with creator-platform-specific reputational risk that varies substantially between subscriber and creator populations. For subscribers, inclusion in the dataset confirms a paid subscription relationship with a creator-monetization platform that includes adult content. Affected users who receive extortion attempts should not pay ransom demands because payment does not stop further extortion. Users should change any reused passwords on other accounts, enable two-factor authentication where available, document all extortion communications, and report extortion attempts to law enforcement. For affected creators, the disclosure carries materially greater risk because creator identification can affect employment, family relationships, immigration status, and personal safety, and because creator records may include real-name and tax-related identifiers used for monetization payouts. Affected creators may benefit from legal counsel familiar with French data-protection law and CNIL complaint processes. The continued circulation of the dataset after the Leakbase seizure means that affected users should treat the exposure as long-term rather than time-limited.

Creator subscription platforms collect highly sensitive creator and subscriber identity, payment-adjacent records, content access history, messages, and monetization activity tied to paid fan relationships.

The MYM.fans breach was publicly disclosed in November 2025 when a forum user named 'esther' posted the dataset on the breach-trading forum Leakbase.la. DataBreach.com indexed the breach on January 12-13, 2026, and breach-tracking publications including DarkEye and InsecureWeb reported on the dataset shortly after. The Leakbase forum where the data was originally posted was subsequently seized by an international law enforcement operation led by Europol on March 3, 2026 ('Operation Leak'), which targeted 37 of the platform's most active users with arrests, house searches, and 'knock-and-talk' interviews across the U.S., Australia, Belgium, Poland, Portugal, Romania, Spain, and the U.K. The MYM.fans dataset has continued to circulate among breach-trading communities despite the Leakbase seizure. MYM.fans has not publicly detailed the original incident or the specific vulnerability that enabled the compromise.