BreachForums founder resentenced to three years in prison

Insider threat hacker concept image showing man typing on keyboard in a dimly lit room.

(Image credit: Getty Images)

Conor Brian Fitzpatrick, the founder and admin of the BreachForums, has been resentenced to three years in prison after his earlier sentence was overturned in January this year.

Fitzpatrick, who operated under the alias Pompompurin, created the notorious forum after an FBI sting operation took down RaidForums in 2022.

In March 2023, Fitzpatrick identified himself as Pompompurin and admitted to running the forum following his arrest. In July that year, the BreachForums founder pleaded guilty to conspiracy to commit access device fraud, access device solicitation, and possession of child sexual abuse material.

While prosecutors originally pursued a sentence of more than 15 years, Fitzpatrick was handed a sentence of 17 days (time served) and 20 years of supervised release.

According to the US Department of Justice (DOJ), this latest development came after a US appeals court vacated his prior sentence and remanded the case for resentencing.

“Today’s sentence demonstrates the Justice Department’s unwavering commitment to bringing to justice those who seek to sell stolen data to the highest bidder,” said acting assistant attorney general Matthew R. Galeotti of the Justice Department’s Criminal Division.

“To those seeking to operate a similar forum, take note: we will tirelessly investigate those who commit these crimes.”

BreachForums quickly became a haven for cyber criminals after RaidForums was taken down in 2022, boasting over 330,000 members and selling stolen data to the highest bidder.

Data hosted on the site included an array of personal information according to court documents, including bank account details, social security numbers, and usernames and passwords for various online accounts.

“BreachForums also maintained and offered access to at least 888 dataset of stolen information containing over 14 billion individual records of PII,” according to the DOJ.

Analysis of data hosted on the site was found to include a database containing the names and contact information for around 200 million users of a “major US-based social networking site”.

Another, the DOJ said, included details on over 87,000 members of InfraGard, an information sharing partnership between the FBI and private sector organizations.

Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.

MORE FROM ITPRO

Ross Kelly is ITPro's News & Analysis Editor, responsible for leading the brand's news output and in-depth reporting on the latest stories from across the business technology landscape. Ross was previously a Staff Writer, during which time he developed a keen interest in cyber security, business leadership, and emerging technologies.

He graduated from Edinburgh Napier University in 2016 with a BA (Hons) in Journalism, and joined ITPro in 2022 after four years working in technology conference research.

For news pitches, you can contact Ross at ross.kelly@futurenet.com, or on Twitter and LinkedIn.