March 17, 2023

The U.S. Federal Bureau of Investigation (FBI) this week arrested a New York man on suspicion of running BreachForums, a popular English-language cybercrime forum where some of the world biggest hacked databases routinely show up for sale. The forum’s administrator “Pompompurin” has been a thorn in the side of the FBI for years, and BreachForums is widely considered a reincarnation of RaidForums, a remarkably similar crime forum that the FBI infiltrated and dismantled in 2022.

Federal agents carting items out of Fitzpatrick’s home on March 15. Image: News 12 Westchester.

In an affidavit filed with the District Court for the Southern District of New York, FBI Special Agent John Longmire said that at around 4:30 p.m. on March 15, 2023, he led a team of law enforcement agents that made a probable cause arrest of a Conor Brian Fitzpatrick in Peekskill, NY.

“When I arrested the defendant on March 15, 2023, he stated to me in substance and in part that: a) his name was Conor Brian Fitzpatrick; b) he used the alias ‘pompompurin/’ and c) he was the owner and administrator of ‘BreachForums’ the data breach website referenced in the Complaint,” Longmire wrote.

Pompompurin has been something of a nemesis to the FBI for several years. In November 2021, KrebsOnSecurity broke the news that thousands of fake emails about a cybercrime investigation were blasted out from the FBI’s email systems and Internet addresses.

Pompompurin took credit for that stunt, and said he was able to send the FBI email blast by exploiting a flaw in an FBI portal designed to share information with state and local law enforcement authorities. The FBI later acknowledged that a software misconfiguration allowed someone to send the fake emails.

In December, 2022, KrebsOnSecurity broke the news that hackers active on BreachForums had infiltrated the FBI’s InfraGard program, a vetted FBI program designed to build cyber and physical threat information sharing partnerships with experts in the private sector. The hackers impersonated the CEO of a major financial company, applied for InfraGard membership in the CEO’s name, and were granted admission to the community.

From there, the hackers plundered the InfraGard member database, and proceeded to sell contact information on more than 80,000 InfraGard members in an auction on BreachForums. The FBI responded by disabling the portal for some time, before ultimately forcing all InfraGard members to re-apply for membership.

More recently, BreachForums was the sales forum for data stolen from DC Health Link, a health insurance exchange based in Washington, D.C. that suffered a data breach this month. The sales thread initially said the data included the names, Social Security numbers, dates of birth, health plan and enrollee information and more on 170,000 individuals, although the official notice about the breach says 56,415 people were affected.

In April 2022, U.S. Justice Department seized the servers and domains for RaidForums, an extremely popular English-language cybercrime forum that sold access to more than 10 billion consumer records stolen in some of the world’s largest data breaches since 2015. As part of that operation, the feds also charged the alleged administrator, 21-year-old Diogo Santos Coelho of Portugal, with six criminal counts.

Coelho was arrested in the United Kingdom on Jan. 31, 2022. By that time, the new BreachForums had been live for just under a week, but with a familiar look.

BreachForums remains accessible online, and from reviewing the live chat stream on the site’s home page it appears the forum’s active users are only just becoming aware that their administrator — and the site’s database — is likely now in FBI hands:

Members of BreachForums discuss the arrest of the forum’s alleged owner.

“Wait if they arrested pom then doesn’t the FBI have all of our details we’ve registered with?” asked one worried BreachForums member.

“But we all have good VPNs I guess, right…right guys?” another denizen offered.

“Like pom would most likely do a plea bargain and cooperate with the feds as much as possible,” replied another.

Fitzpatrick could not be immediately reached for comment. The FBI declined to comment for this story.

There is only one page to the criminal complaint against Fitzpatrick (PDF), which charges him with one count of conspiracy to commit access device fraud. The affidavit on his arrest is available here (PDF).

Update: Corrected spelling of FBI agent’s last name.

65 thoughts on “Feds Charge NY Man as BreachForums Boss “Pompompurin”

  1. Mohammed

    Rot in jail loser and his autismo brother should too

  2. Jeffrey John

    Snowflake children need to be locked up in a real prison-no plea deals !

  3. Jack

    It is a pity for all those who, having US citizenship, are somehow involved in the Pompompurin case. Greetings to the FBI from Russia, stupid bastards

  4. Heroinwater

    It is a pity for all those who, having US citizenship, are somehow involved in the Pompompurin case. Greetings to the FBI from Russia, stupid bastards

  5. iohsodighodsihgs

    I am sad for those people who are directly involved in this case and have been US citizens since birth. I want to send greetings from Russia to the FBI! Burn you in hell feds 😉

  6. thekilob

    Damn, this explains why he suddenly left the call and stopped responding. Poor pompompurin, me and him hacked so many websites together. I’ll miss him.

    1. BEC

      Dude, now Brian have your info, stop being a hacker, and if you don’t, at least stop being this stupid.

  7. PoorBoy

    It was matter of time for them to find him. Sorry, but with what he has done prior and then the forum, domains, twitters. He didn’t even seem too bothered to hide himself. I think he even used Windows and shared bits and pieces from his life. He was simply involved in way too many things in shot period of time. He wasn’t stupid, hopefully it will work out for him in the future. I think he will be left off with probation or just couple of years jail time as he wasn’t inherently malicious!

    1. Decentdiscourse

      You cannot be serious. But what is serious is the amount of time he will serve.

  8. Russell Nomer

    Curious to know if the Japanese company Sanrio ever received alerts or made any complaints about their fictional character’s name being abused in this fashion?

    Pompompurin is a popular fictional character created by the Japanese company Sanrio. The character is a golden retriever dog, known for wearing a trademark brown beret and having a friendly, laid-back personality. Pompompurin’s name comes from the Japanese words “pom pom,” which means to fluff or puff up, and “pudding,” which is a popular dessert in Japan.

    Pompompurin was first introduced by Sanrio in 1996, and quickly became a popular character in Japan and around the world. In addition to the character’s cute and cuddly appearance, Pompompurin is often depicted in a variety of fun and playful situations, such as playing with friends, exploring new places, and enjoying delicious food.

    Sanrio has created a wide range of Pompompurin merchandise, including plush toys, clothing, stationery, and home goods. The character has also been featured in a variety of media, including animated television shows, movies, and video games.

    Overall, Pompompurin is a beloved character in Japan and around the world, known for bringing joy and cuteness to fans of all ages.

  9. info

    These people don’t get much jail time, don’t think they do. The justice system needs to catch up and prisons need to be built.

    1. Atheros

      What a disgusting and shortsighted takeaway. If you are so invested in the event, advocating for measures addressing the root cause or expressing support for the persons affected would surely be more beneficial. Why others are so inclined to invoke the detriment of another individual is very troubling. Applying a positive approach > developing a positive solution. Perpetuating negativity only makes you an agent of suffering. Be better

      1. mealy

        This isn’t someone who needs an advocate. He has one.
        They have their work cut out already without you.

        1. Atheros

          Your reply is a straw man fallacy. My comment discussed the importance of advocating for measures addressing the root cause of an event or expressing support for those affected, instead of perpetuating negativity. However, you ignore this argument and instead misrepresent my position by suggesting that someone does not need an advocate. Is this misrepresentation meant to divert attention away from the original statement? Either way it is not a valid response

  10. Reagan Bordas

    I dated him back in middle school. Pretty quiet guy, and seemed abnormal with society. Sad to see an update from him like this. It caught me off guard when he went by the alias Pompom. Never knew he was a Sanrio guy.

  11. zxkjcsdxzv

    Best of luck to pom btw. Though I doubt he’ll actually be free again (anytime soon). The worst thing that could happen imo is him becoming a fed.

    If you were a BF user, make sure to remember all of the good things (and bad things) that happened on there.

Comments are closed.