BreachForums is an English-language

black hat hacking A Black Hat (Black Hat Hacker or Blackhat) is a computer hacker who usually violates laws or typical ethical standards. The term originates from the 1950s westerns, when bad guys typically wore black hats and good guys white hats. Black hat hacker ...

crime forum A crime forum is a generic term for an Internet forum specialising in computer crime and Internet fraud activities such as hacking, Online Identity Theft, Phishing, Pharming, Malware Attacks or spamming. During the early days of the Internet publ ...

. The website acts as an alternative and successor to RaidForums following its shutdown and seizure in 2022. Like its predecessor, BreachForums allows for the discussion of various hacking topics and distributed data breaches, pornography, hacking tools and various other services. On March 21, 2023, BreachForums was shutdown following the arrest of the forum's owner, Conor Brian Fitzpatrick. The forum was later reopened under the ownership of the hacking group

ShinyHunters ShinyHunters is a criminal black-hat hacker group that is believed to have formed in 2020 and is said to have been involved in numerous data breaches. The stolen information is often sold on the dark web. Name and alias The name of the group i ...

and previous BreachForums administrator "Baphomet".

History

The forum was founded and owned in March 2022 by then-19 year old Conor Brian Fitzpatrick, known on the forum under the screen name "pompompurin". Fitzpatrick's identity on the internet had been based on the Japanese character by

Sanrio is a Japanese entertainment company. It designs, licenses, and produces products focusing on the ''kawaii'' ("cute") segment of Japanese popular culture. Their products include stationery, school supplies, gifts, and accessories which are sold ...

of the same name. Fitzpatrick had, a year earlier, claimed responsibility for the

2021 FBI email hack On November 13, 2021, a hacker compromised the FBI's external email system, sending thousands of spam emails warning of a fake cyberattack by cybersecurity researcher and CEO of Night Lion Security and Shadowbyte Vinny Troia, who is falsely labeled ...

Controversy

On December 10, 2022, a member of the forum identified by the screen name "USDoD" posted a thread offering the sale of a

database In computing, a database is an organized collection of data stored and accessed electronically. Small databases can be stored on a file system, while large databases are hosted on computer clusters or cloud storage. The design of databases s ...

containing the information of over 80,000 members of the

FBI The Federal Bureau of Investigation (FBI) is the domestic intelligence and security service of the United States and its principal federal law enforcement agency. Operating under the jurisdiction of the United States Department of Justice, t ...

non-profit organization and information portal InfraGard. The individual claimed to have obtained access to the portal through a social engineering attack in which they pretended to be the CEO of an unknown U.S. financial corporation. On March 9, 2023, another member identifying under the screen name "Denfur" posted a thread containing 200 entries originating from a breach of the

District of Columbia ) , image_skyline = , image_caption = Clockwise from top left: the Washington Monument and Lincoln Memorial on the National Mall, United States Capitol, Logan Circle, Jefferson Memorial, White House, Adams Morgan, ...

health insurance marketplace In the United States, health insurance marketplaces, also called health exchanges, are organizations in each state through which people can purchase health insurance. People can purchase health insurance that complies with the Patient Protectio ...

DC Health Link, claiming that more information was to come. The D.C. Health Benefit Exchange Authority later stated that more than 56,000 customers had been impacted by the breach, but original posts relating to the data claim to have the information of over 170,000 customers.

Arrest and shutdown

On March 15, 2023, Fitzpatrick was arrested by law enforcement and charged with conspiracy to commit access device fraud. Following Fitzpatrick's arrest, another forum administrator under the screen name "Baphomet" took ownership of the website and its infrastructure. However, following Baphomet's suspicion of the forum being compromised, on March 21, 2023, it was shut down. Baphomet later reopened the forum with black-hat hacking group ShinyHunters. Approximately a month after his arrest, Fitzpatrick attempted to commit suicide in his home while released on

bail Bail is a set of pre-trial restrictions that are imposed on a suspect to ensure that they will not hamper the judicial process. Bail is the conditional release of a defendant with the promise to appear in court when required. In some countrie ...

. He has since pleaded guilty to conspiracy to commit access device fraud, access device fraud, and possession of child pornography. His sentencing is scheduled for January 2024.

Domain seizure

On June 23, 2023, three months after shutting down, the clearnet domains for BreachForums were seized by the Federal Bureau of Investigation, U.S. Department of Health and Human Services, Office of Inspector General, and the Department of Justice in accordance with a seizure warrant issued by the

U.S. District Court for Eastern Virginia The United States District Court for the Eastern District of Virginia (in case citations, E.D. Va.) is one of two United States district courts serving the Virginia, Commonwealth of Virginia. It has jurisdiction over the Northern Virginia, H ...

References

{{reflist

External links