Threat Management, Breach, Governance, Risk and Compliance

FBI arrests alleged BreachForums owner

Share
(Image Source: Njari via Getty Images)

U.S. law enforcement has arrested a man who allegedly owns the notorious dark web data-breach site "BreachForums," and who claimed to be responsible for hacking the Federal Bureau of Investigation in 2021.

Conor Brian Fitzpatrick, also known as "Pompompurin" within the online hacking community, was arrested at his New York home around 4:30 p.m. last Wednesday and charged with one count of conspiracy to commit access device fraud, an FBI agent said in a sworn statement filed in Southern District of New York court last week.

Pompompurin created BreachForums in 2022, right after the FBI took down RaidForums, a prominent cybercrime forum where he had been an active member. BreachForums has since become one of the largest and most active data leak forums that sell sensitive organizational and personal information to hackers and ransomware gangs.

Last week, BreachForums was used by a threat actor to sell government officials' personal and health information in the D.C. Health Link breach.

The FBI agent said Fitzpatrick admitted during the arrest that he used the alias "pompompurin" and is the owner and administrator of "BreachForums."

Besides owning BreachForums, Fitzpatrick is also an active player in other high-profile breaches, including several incidents targeting the FBI. In 2021, he took credit for hacking into the FBI's email system and sending hundreds of fake cybersecurity warnings. He is also linked to the 2022 breach of the FBI InfraGard network, an incident that caused more than 80,000 members' contact information to go on sale.

The Southern District of New York court told SC Media on Monday that the case is now under seal. According to Bloomberg, Fitzpatrick was released on a $300,000 bail and will appear in a Virginia court on March 24th.

A recent post on BreachForums indicates that the site is still up and running under the new ownership of a user named Baphomet, according to Engadget. "I think it's safe to assume [Pompompurin] won't be coming back, so I'll be taking ownership of the forum…I have most, if not all the access necessary to protect B.F. infrastructure and users," Baphomet wrote.

The arrest of Fitzpatrick comes as the Biden administration released one of the most aggressive national cybersecurity strategies to date and urged private and public sectors to take proactive steps to defend against cybercriminals.

Austin Berglas, a former FBI agent and a founding member at BlueVoyant, told SC Media that arrests and criminal prosecutions can send a strong message to hackers and effectively deter future criminal activities.

While acknowledging that identifying the actual hackers can be difficult, as many of them operate across borders which requires complicated legal and diplomatic maneuvering, Berglas said information sharing from the private sector can help the government better disrupt criminal operations like BreachForums.

"Sharing indicators of compromise and tactics, techniques, and procedures will provide government agencies with the most up-to-date, actionable intelligence needed to identify groups, individuals, and infrastructure," said Berglas.

Bryan Cunningham, a former White House lawyer and an advisor for Theon Technology, said he expects to see government agencies more aggressively pursue threat actors across the globe this year and believes in the country's national intelligence capabilities to do this.

"I don't think any past administrations prioritized dismantling ransomware gangs and hackers as a proper use of our national intelligence capabilities, but I do think that is changing now," Cunningham told SC Media in an interview.

Menghan Xiao

Menghan Xiao is a cybersecurity reporter at SC Media, covering software supply chain security, workforce/business, and threat intelligence. Before SC Media, Xiao studied journalism at Northwestern University, where she received a merit-based scholarship from Medill and Jack Modzelewski Scholarship Fund.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.