US Authorities Seize BreachForums Domain

Written by

The US government finally appears to have captured the surface web domains associated with notorious cybercrime marketplace BreachForums, despite the arrest of the site’s owner months ago.

Visitors to are now presented with the following notice: “The domains related to Breach Forums have been seized by the Federal Bureau of Investigation, US Department of Health and Human Services, Office of Inspector General, and the Department of Justice in accordance with a seizure warrant issued pursuant to 18 U.S. §§ 981, 982, inter alia, by the United States District Court for the Eastern District of Virginia as part of law enforcement action taken in parallel with the US Secret Service, Homeland Security Investigations, the New York Police Department, the US Postal Inspection Service, the Dutch National Police, the Australian Federal Police, the United Kingdom National Crime Agency, and Police Scotland.”

Read more on BreachForums: BreachForums Shuts Down After Admin's Arrest.

The authorities displayed both the BreachForums logo and an avatar used by its owner “Pompompurin” (aka Conor Fitzpatrick), with the digitally altered addition of a pair of handcuffs.

It’s unclear why it has taken three months to get to this stage, following the arrest of Fitzpatrick. At that time, administrator “Baphomet” wrote that they were shutting the site down out of fear that investigators had gained access to its servers.

Soon after, a new BreachForums site opened, with warnings appearing on the original Breached site not to trust it.

Fitzpatrick, 20, of Peekskill, New York, is accused of operating BreachForums and thereby enabling cyber-criminals to trade in stolen data and other contraband since March 2022.

The DoJ is alleging that he is therefore responsible for millions of US victims and hundreds of breached US and foreign organizations and government agencies.

Alongside the legitimate BreachForums domains, the Feds have also seized one that used to be owned by Pompompurin, but is currently the property of breach notification site DataBreaches. It said is currently in the process of getting “un-seized.”

What’s hot on Infosecurity Magazine?