Feds arrest alleged BreachForums owner linked to FBI hacks

Posted by
Check your BMI
An image of a hand holding a mouse against a multicolored background.
Photo by Amelia Holowaty Krales / The Verge

The FBI has arrested the person allegedly in charge of the BreachForums online hacking community, as reported earlier by Krebs on Security and Bleeping Computer. Conor Brian Fitzpatrick, also known online as “Pompompurin,” was arrested at his New York home on Wednesday and charged with conspiracy to commit access device fraud, according to a pair of court filings.

In a sworn statement, the FBI agent involved in the case claims Fitzpatrick admitted to owning BreachForums at the time of his arrest and identified himself as Pompompurin. Pompompurin created BreachForums after the FBI seized RaidForums, a similar hacking site that also sold leaked information.

The hacker is implicated in a number of breaches, with many of them targeting the FBI. In 2021, Pompompurin took responsibility for a hack that sent out thousands of fake cybersecurity warnings from the FBI’s email address, and is also linked to the breach of Infragard, the FBI’s information-sharing program that aims to raise awareness about physical and digital threats to government organizations and independent companies.

Additionally, Bleeping Computer notes that Pompompurin is connected to the 2021 Robinhood breach that exposed the information of millions of its users, as well as the leak of Twitter user handles and email addresses that occurred in November 2022.

A recent post on BreachForums indicates that the site will remain up and running under new ownership — at least for now. The hacking forum has already been involved in recent cyberattacks, including a breach of DC Health Link, a healthcare marketplace used by many US politicians and government staff members, and the breach of Australian telecommunications company Optus.

Fitzpatrick was released on a $300,000 bond on Thursday and will appear in a Virginia court on March 24th, according to Bloomberg.