Admin of Hacking Site “BreachForums” Appears in Court

Conor Brian Fitzpatrick, also known by his handle “Pompompurin”, made his initial court appearance today on a criminal charge related to the creation and administration of the notorious “BreachForums” dark web site. BreachForums hosted the stolen databases of almost 1,000 companies and websites, and served as a marketplace for hackers and other cybercriminals to buy and sell stolen data.

Fitzpatrick was arrested at his home around 4:30 pm ET on Wednesday, March 15th, by a team of investigators. He was charged with a single count of conspiracy to solicit individuals with the purpose of selling unauthorized access devices.

According to a sworn statement filed in court by the FBI agent that led the arrest effort, Fitzpatrick later admitted to being the owner and operator of BreachForums and using the alias "Pompompurin".

Fitzpatrick has ties to many high-profile data breaches and hacks over recent years. In November 2021, he took credit for an attack on the FBI’s email servers, which led to thousands of fake cybersecurity warnings being sent throughout the network. Fitzpatrick is also linked to the 2022 breach of the FBI's InfraGard network, an incident that saw the contact information of more than 80,000 members go on sale. In addition, Fitzpatrick has been connected to the 2021 Robinhood hack that saw the data of 7 million users compromised and the 2022 Twitter data leak.

Fitzpatrick initially appeared at a federal court in White Plains, New York, on March 17th and was later released on a $300,000 unsecured bond. Fitzpatrick has since made a court appearance in Alexandria, Virginia, earlier today on Friday, March 24th.

In the unsealed court documents, the charges stated: “From at least in or around March 2022 through the present, Fitzpatrick has facilitated the unauthorized purchasing and selling of stolen identification documents, unauthorized access devices, unauthorized access to victim computer systems, and login credentials through his operation of a data breach website named ‘BreachForums.’”

A few days after the arrest, BreachForums' new administrator announced that the forum would be shutting down for good. “Please consider this the final update for Breached,” a person with the alias “Baphomet” wrote on Telegram. According to the Justice Department, BreachForums had more than 340,000 members before it was taken offline. The database section of the platform had 888 datasets consisting of over 14 billion individual records.

The court documents confirmed that the FBI linked together IP addresses that Fitzpatrick used to access RaidForums (the predecessor of BreachForums), Gmail records, and cryptocurrency exchange records to tie Fitzpatrick to the alias “Pompompurin” and BreachForums. The FBI also made undercover data purchases on the platform to prove that it facilitated the sale and purchase of stolen information.