The U.S. Department of Justice (DoJ) on Tuesday resentenced the former administrator of BreachForums to three years in prison in connection with his role in running the cybercrime forum and possessing child sexual abuse material (CSAM).
Conor Brian Fitzpatrick (aka Pompompurin), 22, of Peekskill, New York, pleaded guilty to one count of access device conspiracy, one count of access device solicitation, and one count of possession of child sexual abuse material. Fitzpatrick was initially arrested in March 2023 and pleaded guilty later that July.
As part of the plea agreement, Fitzpatrick is also said to have agreed to forfeit over 100 domain names used in the operation of BreachForums, over a dozen electronic devices used to execute the scheme, and cryptocurrency that represented the illicit proceeds of the operation.
“Conor Fitzpatrick personally profited from the sale of vast quantities of stolen information, ranging from private personal information to commercial data,” said U.S. Attorney Erik S. Siebert for the Eastern District of Virginia.
“These crimes were so extensive that the damage is difficult to quantify, and the human cost of his collection of child sexual abuse material is incalculable. We will not allow criminals to hide in the darkest corners of the internet and will use all legal means to bring them to justice.”
The resentencing comes after the U.S. Court of Appeals for the Fourth Circuit issued an opinion on January 21, 2025, vacating Fitzpatrick’s prior sentence of 17-day time served and remanding the case for resentencing. Fitzpatrick was previously sentenced to time served and 20 years of supervised release for his role as the creator and administrator of BreachForums in January 2024.
BreachForums, launched in March 2022 following the dismantlement of RaidForums by law enforcement, is a criminal marketplace that allows bad actors to buy, sell, and trade stolen data associated with high-profile companies across the world. The forum is estimated to have had 330,000 members at its peak and held more than 14 billion individual records.
The hacker market has since been relaunched a number of times despite numerous efforts to shut it down, cropping up under a revolving door of new domains. In July 2024, the whole database of the original BreachForums was leaked online, exposing members’ information.
Then last month, ShinyHunters, which took over the reins after Baphomet’s arrest in 2023, claimed that the notorious cybercrime marketplace had been compromised and was under the control of international law enforcement agencies. As of writing, the copycat forum has gone offline on its latest domain, stating they have “decided to go dark” along with 14 other e-crime groups, including LAPSUS$ and Scattered Spider.
Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.
The Hacker News
