Infamous BreachForums Mastermind Arrested in New York

Infamous BreachForums Mastermind Arrested in New York

Mar 18, 2023Ravie LakshmananCyber ​​Crime / Data Breach

Infamous BreachForums Mastermind Arrested in New York

US law enforcement authorities have arrested a New York man in connection with the infamous operation BreachForums hacking forum under the online alias “Pompompurin.”

The development, first reported by Bloomberg Lawcomes after News 12 Westchester reported, earlier this week, that federal investigators “spent hours inside and outside a home in Peekskill.”

“At one point, investigators were seen removing several bags of evidence from the home,” the New York-based local news service reported. added.

According to in a affidavit filed by the Federal Bureau of Investigation (FBI), the suspect identified himself as Conor Brian Fitzpatrick and admitted to being the owner of the BreachForums website.

“When I arrested the defendant on March 15, 2023, he told me in whole and in part that: a) his name was Conor Brian Fitzpatrick; b) he used the alias ‘pompompurin,’ and c) he had -owner and administrator of ‘BreachForums,'” said FBI Special Agent, John Longmire.

Fitzpatrick was charged with one count of conspiracy to solicit individuals with intent to sell unauthorized access devices.

The defendant was released a day later on a $300,000 bond co-signed by his parents and is scheduled to appear in the District Court for the Eastern District of Virginia on March 24, 2023.

In addition to being prohibited from obtaining a passport or other international travel document, Fitzpatrick is restricted from interacting with his peers and using narcotic drugs or other controlled substances unless prescribed by a licensed medical practitioner.

BreachForums emerged last year three weeks after a coordinated law enforcement operation seized control of the RaidForums in March 2022.

“In the welcoming threat actor thread, ‘pompompurin’ said they created BreachForums as an alternative to RaidForums but ‘is not affiliated with RaidForums in any capacity,'” cybersecurity firm Flashpoint said at that time.


Discover the Hidden Risks of Third-Party SaaS Apps

Do you know the risks associated with third-party app access to your company’s SaaS apps? Join our webinar to learn about the types of permissions granted and how to minimize risk.


The forum is from then attracted by fame for hosting stolen databases belonging to several companies, often containing sensitive personal information.

In the wake of Fitzpatrick’s arrest, another forum user named Baphomet claimed ownership of the website, noting that there was no evidence of “access or changes to the Breached infra.”

“That’s my only response [law enforcement]or any media outlet I have no concerns for myself at this time,” Baphomet said in the announcement.OPSEC has been my focus since day one, and luckily, I didn’t think any mountain lions would attack me in my little fishing boat.”

The development came as Ukraine’s Cyber ​​Police announced the arrest of a 25-year-old developer who created a remote access trojan that infected more than 10,000 computers under the guise of gaming apps.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.