Last Wednesday, US federal agents arrested New York resident Conor Brian Fitzpatrick, believed to be the mastermind behind the notorious dark web data-breach site BreachForums, known by the alias “Pompompurin.”
According to a sworn statement filed in court by FBI special agent John Longmire, Fitzpatrick was apprehended at his home.
Fitzpatrick faces a single charge of conspiracy to commit access device fraud. Longmire claims that Fitzpatrick admitted to being the owner of BreachForums and using the alias Pompompurin during his arrest.
Pompompurin is thought to have been involved in several high-profile hacks in recent years, including multiple attacks targeting the FBI.
We believe security online security matters and its our mission to make it a safer place.
In 2021, Pompompurin claimed responsibility for breaching the FBI’s email systems and sending hundreds of fake cybersecurity alerts. The FBI later acknowledged that a software misconfiguration allowed the fraudulent emails to be sent.
In 2022, Pompompurin was linked to a breach of the FBI’s InfraGard network, resulting in the sale of 80,000 members’ contact information on the dark web. Furthermore, Pompompurin is associated with the 2021 attack on Robinhood, which exposed the data of nearly seven million users.
BreachForums emerged last year, approximately three weeks after a coordinated law enforcement operation seized another cybercrime site, RaidForums, in March 2022.
RaidForums was an English-language cybercrime forum that provided access to billions of customer records stolen in some of the world’s largest data breaches since 2015. The suspected admin, Diogo Santos Coelho of Portugal was charged with six criminal counts following the operation.
It is alleged that Fitzpatrick created BreachForums after the FBI took control of RaidForums.
Cybersecurity firm Flashpoint said at the time, “In the threat actor’s welcoming thread, Pompompurin stated that they had created BreachForums as an alternative to RaidForums but that it was ‘not affiliated with RaidForums in any capacity.'”
BreachForums has since grown into the largest data leak forum of its kind, with hackers and ransomware gangs frequently using it to publish stolen data.
Last week, a threat actor attempted to sell the personal data of US lawmakers taken in a breach on DC Health Link, a healthcare provider for US House members, their employees, and their families, through BreachForums.
Despite the FBI’s actions against Pompompurin, a recent post on BreachForums implied that the site would remain operational under a new owner, who claims to have full access to the site’s infrastructure and will continue running the forum.
However, on March 20, BreachForums went offline and has been inaccessible since.
Bloomberg reports that Fitzpatrick was released on a $300,000 bail last Thursday and is scheduled to appear in a Virginia court on March 24th.
Fitzpatrick is prohibited from contacting his co-conspirators, taking narcotic drugs or other controlled substances unless prescribed by a registered medical practitioner, and obtaining a passport or other foreign travel document.