US law enforcement on Wednesday arrested a New York man believed to be Pompompurin, the owner of hacking forum BreachForums.
According to court documentshe was charged with one count of conspiracy to solicit individuals to sell unauthorized access devices.
During the arrest, the accused allegedly admitted that his real name was Connor Brian Fitzpatrick and that he was Pompourin, the owner of cybercrime forum Breach Forums.
“When I arrested the defendant on March 15, 2023, he told me in substance and in part that: (a) his name was Conor Brian FitzPatrick; (b) he used the alias “pompourin” and (c) he was the owner and administrator of “BreachForums”, the data breach website referenced in the complaint,” FBI Special Agent John Longmire said.
Fitzpatrick was released Thursday on $300,000 bond and will appear in District Court for the Eastern District of Virginia on March 24, as first reported by Bloomberg.
Until his court appearance, the defendant has surrendered his documents and will only be permitted to travel to the Southern and Eastern Districts of New York and the Eastern District of Virginia for court purposes. He is also prohibited from contacting witnesses, co-defendants or co-conspirators.
While the alleged owner of BreachForums is away, a forum administrator said the site will continue to operate in its current capacity.
The administrator added that he has full access to the site infrastructure and will continue to operate the forum.
Who is Pompompurin?
Pompompurin was a well-known player in an underground cybercrime network dedicated to breaching businesses and selling or leaking stolen data through forums and social media. He was also a prominent member of the RaidForums cybercrime forum.
After the FBI seized RaidForums in 2022Pompourin has created a new forum called “BreachForums” to fill the void.
It has since become the largest such data leak forum, commonly used by hackers and ransomware gangs to leak stolen data.
Last week, BreachForums was used by a malicious actor to attempt to sell the personal data of US politicians that was stolen in a breach on DC Health Linka health care provider for US House members, their staff, and their families.
While BreachForums has become a force in cybercrime on its own, Pompompurin has also been implicated in various high-profile corporate breaches.
These breaches include sending fake cyberattack emails using a flaw in the Company Portal for FBI Law Enforcement (LEEP), steal Robinhood customer dataand would have used a bug to confirm email addresses of the 5.4 million Twitter users.