Alleged BreachForums owner Pompompurin arrested on cybercrime charges

U.S. law enforcement arrested on Wednesday a New York man believed to be Pompompurin, the owner of the BreachForums hacking forum.

According to court documents, he was charged with one count of conspiracy to solicit individuals to sell unauthorized access devices.

During the arrest, the defendant allegedly admitted that his real name was Connor Brian Fitzpatrick and that he was Pompourin, the owner of the Breach Forums cybercrime forum.

"When I arrested the defendant on March 15, 2023, he stated to me in substance and in part that: a) his name was Conor Brian FitzPatrick; b) he used the alias "pompourin," and c) he was the owner and administrator of "BreachForums," the data breach website referenced in the Complaint," FBI Special Agent John Longmire says.

Fitzpatrick was released on Thursday on a $300,000 bond and will appear in the District Court of the Eastern District of Virginia on March 24, as first reported by Bloomberg.

Until his appearance in court, the defendant has surrendered his documents and will only be allowed to travel within the Southern and Eastern Districts of New York and the Eastern District of Virginia for court purposes. He is also restricted from contacting witnesses, codefendants, or coconspirators.

While the suspected owner of BreachForums is away, a forum admin said that the site would continue to operate in its current capacity.

The admin added that they have full access to the site's infrastructure and will continue to operate the forum.

Who is Pompompurin?

Pompompurin has been a well-known player in a cybercriminal underground devoted to breaching companies and selling or leaking stolen data through forums and social media. He was also a high-profile member of the RaidForums cybercrime forum.

After the FBI seized RaidForums in 2022, Pompourin created a new forum named 'BreachForums' to fill the void.

It has since become the largest data leak forum of its kind, commonly used by hackers and ransomware gangs to leak stolen data.

Last week, BreachForums was used by a threat actor to attempt to sell the personal data of U.S. politicians that was stolen in a breach on D.C. Health Link, a healthcare provider for U.S. House members, their staff, and their families.

While BreachForums became a force in cybercrime on its own, Pompompurin has also been involved in various high-profile company breaches.

These breaches include sending fake cyberattack emails using a flaw in the FBI's Law Enforcement Enterprise Portal (LEEP), stealing customer data from Robinhood, and allegedly using a bug to confirm the email addresses of 5.4 million Twitter users.

Source:

https://www.bleepingcomputer.com/news/security/alleged-breachforums-owner-pompompurin-arrested-on-cybercrime-charges/

Update from BF :

Quote

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Although I had already suspected it to be the case, its now been confirmed that Pom has been arrested:
https://news.bloomberglaw.com/privacy-and-data-security/dark-web-breachforums-operator-charged-with-computer-crime

I think it's safe to assume he won't be coming back, so I'll be taking ownership of the forum. I have most, if not all the access necessary to protect BF infrastructure and users.

I pretty much already assumed the worst at nearly 24 hours of inactivity. It's not often Pom is gone an extended period of time, and he's always let me know ahead of time if that would be the case. He's also never been inactive this long on both Telegram, Element and the forum at the same time. At that point I decided to remove his access to all important infrastructure and restricted his forum account to still login but not to carry out any administrator actions. I also since that point have been constantly monitoring everything and going through every log to see any access or modifications to Breached infra. So far nothing like that has been seen.

I can’t respond to everyone at this point, as I am working through the next steps of the emergency plan for the forum. Please be patient, and try not to lose your minds.

My only response to LE, or any media outlet is that I have no concerns for myself at the moment. OPSEC has been my focus from day one, and thankfully I don’t think any mountain lions will be attacking me in my little fishing boat.

- - Baphomet
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEwjntiyso/csN4SiV9wumY4m0ToYFAmQU7RQACgkQ9wumY4m0
ToZefxAAgUd8QEFfrJVOManZjuEMU7XBHRmBO7NcsER1PJiiUuSoddSeDuFt400d
uM6f9F1mHNHFJma1yoHLR32S9L8fWTqIKwe0uT8GOFvcH7DECUBngDo4sEc9TFYw
IGgg+A1D4Gz9Gq5y+mJltJNTbCo6BotJ3jN12HSK4K0v0pe6oCEMeW/PKD/4F09/
sJ+BHhfELfElKxTe2Kg00TaXmEgaaRrxo+lVK6Ye0NO14I19RuKROJGQSd6PWVoN
bfEFUsW36zwM1u07+IZTYNPImy7jRgL9aoYTeKxRY+YZEg6QYZ1CnmpiXvzTTz9C
rOqod5nWjamzKjXMIMcHJNLWRO3xaY9rOcrctiDQA0cGDwJhdaCGtfzbk87ssGxH
omL7IzOL/m/OzMuW4fCDU6X2kKo4jrW0pN1r2b+EFEY+86SAUxdprBKt7+6vLMX/
AgnWAQi0WwX7dm2B+z++OOlYgZASSMsDHpFP0AiakVtvYcSQTzLIxxR0It8Z16li
dWhmkvs99LN+z6At+J47HYVuvCrAjoUZtH7MW2YeZOCHpWxX/jAgms/6J+bQZdp6
507s5ksQbL/iygGst9DUF9xuNiGlf124lGTl5Rs5fQfcPKax3zm2hIN/PqAozgiY
yk5RNFRcHuneRNvsuT3x1FaVzlzE/zKZHNB7ZY4zgKbcVtQ4dgM=
=1TO+
-----END PGP SIGNATURE-----