BreachForums Admin Arrested in New York

Written by

A New York resident has been arrested last week for running the notorious cybercrime site known as BreachForums.

According to court documents filed last Wednesday, Conor Brian Fitzpatrick of Peekskill was apprehended on the day following an FBI investigation and charged with conspiracy to commit access device fraud. Bloomberg reported Fitzpatrick was released on bail after being arrested and is now expected to appear in front of federal court on Friday.

FBI agent John Longmire said that during the operation, Fitzpatrick confirmed being the owner and administrator of BreachForums. He also admitted hiding behind the alias “Pompompurin” online, which was often used on BreachForums to vouch for the legitimacy of posted data on the site.

“I have personally been involved in the investigation of the defendant, as well as in determining whether the defendant is the same individual I charged in the complaint,” Longmire said, as shown in a deposition document by the agent.

The Pompompurin moniker was also behind a 2021 exploit of the law enforcement portal that led to the sending of thousands of fraudulent emails from an FBI email address.

The arrest comes almost a year after a cross-border law enforcement team shut down the RaidForums hacker website. The creation of BreachForums around the same time filled that gap for many threat actors, who turned to the site to acquire data stolen during data breaches.

At the time of writing, it is estimated the site contains the stolen databases of approximately 1000 websites. In October last year, a BreachForums user claimed responsibility for the Optus attack.

Read more on the Optus breach here: Optus Confirms Hack Exposed Data of Nearly 2.1 Million Australians

Following Fitzpatrick’s arrest, BreachForums has been taken offline (possibly by other admins) and remains so as of today, Monday, March 20. Before going offline, a message from a site administrator said necessary steps were taken to protect the site’s infrastructure and users. The admin also said they had restricted Pompompurin’s account to prevent unauthorized administrator actions as they monitored suspicious activity.

The arrest comes a few months after research from Sophos suggested cyber-criminals have lost at least $2.5m to scammers on three underground sites, including BreachForums, in 2022.

What’s hot on Infosecurity Magazine?