BreachForums founder resentenced to three years in prison
A US appeals court vacated his previous sentence and remanded the case for resentencing
Conor Brian Fitzpatrick, the founder and admin of the BreachForums, has been resentenced to three years in prison after his earlier sentence was overturned in January this year.
Fitzpatrick, who operated under the alias Pompompurin, created the notorious forum after an FBI sting operation took down RaidForums in 2022.
In March 2023, Fitzpatrick identified himself as Pompompurin and admitted to running the forum following his arrest. In July that year, the BreachForums founder pleaded guilty to conspiracy to commit access device fraud, access device solicitation, and possession of child sexual abuse material.
While prosecutors originally pursued a sentence of more than 15 years, Fitzpatrick was handed a sentence of 17 days (time served) and 20 years of supervised release.
According to the US Department of Justice (DOJ), this latest development came after a US appeals court vacated his prior sentence and remanded the case for resentencing.
“Today’s sentence demonstrates the Justice Department’s unwavering commitment to bringing to justice those who seek to sell stolen data to the highest bidder,” said acting assistant attorney general Matthew R. Galeotti of the Justice Department’s Criminal Division.
“To those seeking to operate a similar forum, take note: we will tirelessly investigate those who commit these crimes.”
BreachForums quickly became a haven for cyber criminals after RaidForums was taken down in 2022, boasting over 330,000 members and selling stolen data to the highest bidder.
Data hosted on the site included an array of personal information according to court documents, including bank account details, social security numbers, and usernames and passwords for various online accounts.
“BreachForums also maintained and offered access to at least 888 dataset of stolen information containing over 14 billion individual records of PII,” according to the DOJ.
Analysis of data hosted on the site was found to include a database containing the names and contact information for around 200 million users of a “major US-based social networking site”.
Another, the DOJ said, included details on over 87,000 members of InfraGard, an information sharing partnership between the FBI and private sector organizations.
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
-
Tomorrow's fraud techniquesITPro Podcast Leaders need to proactive as attackers launch more consistent, sophisticated attacks
-
Met Office hails huge efficiency gains in first year of cloud supercomputing with Microsoft AzureNews In moving to the cloud, the Met Office has bolstered operational resilience and helped to deliver more accurate forecasts
-
Using AI to generate passwords is a terrible idea, experts warnNews Researchers have warned the use of AI-generated passwords puts users and businesses at risk
-
Researchers called on LastPass, Dashlane, and Bitwarden to up defenses after severe flaws put 60 million users at risk – here’s how each company respondedNews Analysts at ETH Zurich called for cryptographic standard improvements after a host of password managers were found lacking
-
‘They are able to move fast now’: AI is expanding attack surfaces – and hackers are looking to reap the same rewards as enterprises with the technologyNews Potent new malware strains, faster attack times, and the rise of shadow AI are causing havoc
-
Ransomware gangs are using employee monitoring software as a springboard for cyber attacksNews Two attempted attacks aimed to exploit Net Monitor for Employees Professional and SimpleHelp
-
Notepad++ hackers remained undetected and pushed malicious updates for six months – here’s who’s responsible, how they did it, and how to check if you’ve been affectedNews Hackers remained undetected for months and distributed malicious updates to Notepad++ users after breaching the text editor software – here's how to check if you've been affected.
-
CISA’s interim chief uploaded sensitive documents to a public version of ChatGPT – security experts explain why you should never do thatNews The incident at CISA raises yet more concerns about the rise of ‘shadow AI’ and data protection risks
-
Former Google engineer convicted of economic espionage after stealing thousands of secret AI, supercomputing documentsNews Linwei Ding told Chinese investors he could build a world-class supercomputer
-
90% of companies are woefully unprepared for quantum security threats – analysts say they need to get a move onNews Quantum security threats are coming, but a Bain & Company survey shows systems aren't yet in place to prevent widespread chaos
