Type of site | Internet forum |
---|---|
Available in | English |
Predecessor(s) | RaidForums |
Country of origin | United States |
Founder(s) | Conor Brian Fitzpatrick, also known by his screen name "pompompurin" |
URL |
|
Advertising | Yes |
Commercial | Yes |
Users | 336,800 at time of last shutdown [citation needed] |
Launched | March 4, 2022 |
Current status | Online |
BreachForums is an English-language black hat–hacking crime forum. The website acted as an alternative and successor to RaidForums following its shutdown and seizure in 2022.[1][2] Like its predecessor, BreachForums allows for the discussion of various hacking topics and distributed data breaches, pornography, hacking tools and various other services.
On March 21, 2023, BreachForums was shut down following the arrest of the forum's owner, Conor Brian Fitzpatrick.[3] The forum was later reopened under the ownership of the hacking group ShinyHunters and previous BreachForums administrator "Baphomet". Fitzpatrick was later sentenced to 20 years supervised release. The site was again shut down and the domain seized on May 15, 2024, though the domain was back under the owner's control just hours later.
The forum was owned by and founded in March 2022 by then-19-year-old Conor Brian Fitzpatrick, known on the forum under his screen name "pompompurin".[4] Fitzpatrick's identity had been based on the Japanese character by Sanrio of the same name. Fitzpatrick had, a year earlier, claimed responsibility for the 2021 FBI email hack.[5]
On December 10, 2022, a member of the forum identified by the screen name "USDoD" posted a thread offering the sale of a database containing the information of over 80,000 members of the FBI non-profit organization and information portal InfraGard. The individual claimed to have obtained access to the portal through a social engineering attack in which they pretended to be the CEO of an unknown U.S. financial corporation.[6]
On March 9, 2023, another member identifying under the screen name "Denfur" posted a thread containing 200 entries originating from a breach of DC Health Link, a Washington D.C. health insurance marketplace, claiming that more information was to come. The D.C. Health Benefit Exchange Authority later stated that more than 56,000 customers had been impacted by the breach, but original posts relating to the data claim to have the information of over 170,000 customers.[7][8]
On March 15, 2023, in Peekskill, New York,[9] Fitzpatrick was arrested by law enforcement and charged with conspiracy to commit access device fraud in federal court.[4][10] Following Fitzpatrick's arrest, another forum administrator under the screen name "Baphomet" took ownership of the website and its infrastructure. However, following Baphomet's suspicion of the forum being compromised, on March 21, 2023, it was shut down.[11] Baphomet later reopened the forum with black-hat hacking group ShinyHunters. [citation needed]
Approximately a month after his arrest, Fitzpatrick attempted to commit suicide in his home while released on bail.[12] He later pleaded guilty to conspiracy to commit access device fraud, access device fraud, and possession of child pornography.[13][14] In January 2024, Fitzpatrick was detained after violating his bail conditions which forbade the use of a VPN.[15] Despite federal prosecutors requesting that Fitzpatrick serve 15.7 years in prison, he was sentenced to 20 years of supervised release.[16]
On June 23, 2023, three months after shutting down, the clearnet domains for BreachForums were seized by the Federal Bureau of Investigation, U.S. Department of Health and Human Services, Office of Inspector General, and the Department of Justice in accordance with a seizure warrant issued by the U.S. District Court for Eastern Virginia.[17][18]
On May 15, 2024, the FBI seized the most recent BreachForums clearnet site along with its onion site and the associated telegram. The seizure followed a significant data leak involving Europol's portal. The forum briefly displayed an FBI seizure notice, highlighting cooperation with international partners. As of May 16, the domain was reclaimed and displays a link pointing to a new Telegram chat room.[19] The FBI is examining the forum's backend data, which may lead to identifying members and advancing investigations. The forum administrator, Baphomet has been arrested according to ShinyHunters.[20] The site came back online on 29 May 2024.[21]