From Teen Hacker to Inmate: U.S. Court Resentences BreachForums Founder to Three Years Behind Bars
Published
- Harsher resentence: Authorities resentenced the BreachForums founder and admin to three years in prison after the initial sentence.
- Insufficient sentence: The U.S. Court of Appeals decided the previous sentence was insufficient.
- The charges: The individual pleaded guilty to conspiracy to access a device, solicitation to access a device, and possession of CSAM.
Conor Brian Fitzpatrick, the founder and operator of the notorious BreachForums, has been resentenced to three years in prison for his role in creating one of the largest cybercrime marketplaces and for possession of child sexual abuse material (CSAM).
BreachForums Operations and Charges
Fitzpatrick, 22, who operated under the alias "Pompompurin," pleaded guilty to access device conspiracy, access device solicitation, and possession of CSAM. The resentencing follows a U.S. Court of Appeals decision that vacated his previous, much lighter sentence of time served, as he was sentenced in January 2024 to 17 days in jail and 20 years of supervised release.
“Conor Fitzpatrick personally profited from the sale of vast quantities of stolen information, ranging from private personal information to commercial data,” said U.S. Attorney Erik S. Siebert for the Eastern District of Virginia.
He launched BreachForums in March 2022, shortly after law enforcement dismantled its predecessor, RaidForums. The platform quickly grew into a major hub for cybercriminals, amassing over 330,000 members.
It served as a cybercrime marketplace where threat actors could buy, sell, and trade vast quantities of hacked data, including bank account details, Social Security numbers, and other personally identifiable information (PII).
The forum hosted at least 888 stolen datasets, which contained over 14 billion individual records. One notable dataset included the PII of approximately 87,760 members of InfraGard, an FBI-affiliated public-private partnership. ShinyHunters announced in August that a BreachForums takeover had allegedly been orchestrated by law enforcement.
Hacking Forum Takedown Implications
This case highlights the continued efforts by federal law enforcement to pursue and prosecute the administrators of illicit online forums. The successful hacking forum takedown and subsequent sentencing demonstrate that operators of platforms that facilitate cybercrime will be held accountable.
The FBI's investigation and the prosecution by the Justice Department's Computer Crime and Intellectual Property Section (CCIPS) signal a firm stance against the sale and distribution of stolen data, regardless of where these criminal enterprises operate.
In other news, reports said the XSS Forum takedown resulted in cybercriminal migration to DamageLib.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
Most Popular