Federal officials detained "Pompompurin," a Peekskill, New York guy, for running the dark web data-breach site "BreachForums."

Investigators detained Conor Brian Fitzpatrick at home around 4:30 p.m. Wednesday, an FBI agent stated in court. Fitzpatrick faces one count of access device fraud conspiracy.

About 1,000 businesses and websites had their records stolen, and BreachForums housed them. The databases frequently contain personal data including names, emails, and passwords. 

Users of the website can sell the information, which can be used for fraud. On BreachForums, Pompompurin's profile refers to him as "Bossman" and features a photo of the Sanrio Co. cartoon dog he used as an online pseudonym.

According to his profile, Fitzpatrick last visited the website on Wednesday at 3:53 PM, just before he was taken into custody.

Also Read: What is Cybersecurity? Everything You Need to Know

Fitzpatrick reportedly acknowledged using the pseudonym "Pompompurin" and being the owner and operator of BreachForums, according to the FBI agent who led the other agents in the arrest.

After being freed on bail, Fitzpatrick didn't immediately reply to a request for comment. On his court appearance, he was represented by Benjamin Gold, who declined to comment.

Fitzpatrick was featured as one of the Peekskill High School class of 2021 graduates in a local newspaper. According to the documents of the court, he was born in 2002. A local news outlet published the video of FBI and Homeland Security officers invading a Peekskill home on Wednesday and removing bags of potential evidence from the residence.

 The agents were collaborating with local police. Fitzpatrick was not specifically mentioned in the article, but the location is the same as the one he shared with his parents according to internet records.

Investigators in cyber security

According to many sources familiar with the issue who declined to be named because the material isn't public, Fitzpatrick had been under careful observation by cybersecurity investigators for more than a year and was thought to be a prominent participant in the cybercrime ecosystem.

The Federal Bureau of Investigation seized RaidForums, the conceptual forerunner of BreachForums, in April 2022.

According to Allan Liska, a senior intelligence analyst at the cybersecurity company Recorded Future, "Breach Forums is one of, if not the most active, hacker forums out there. 

They are well recognised for disclosing private data obtained from significant businesses throughout the world, including the online trading site Robinhood and Acer Computers.

Once RaidForums closed, BreachForums was established, "exactly with the purpose of carrying on the job started at Raid," Liska noted. Pompompurin, who controlled the forum, openly supported its hacking and leak efforts.

In November 2021, Pompompurin took ownership of sending phoney emails using a "fbi.gov" email account as their source. In an interview with Brian Krebs, Pompompurin admitted responsibility for the breach.

The allegations, which were brought in front of a federal judge in Alexandria, Virginia, were not made public. The US Attorney in Alexandria's spokesperson did not respond to requests for comment through phone or email.

https://www.mindstick.com/blog/301480/5-biggest-cybersecurity-mistakes-and-how-to-avoid-them

Fitzpatrick was brought before a federal judge in White Plains, New York, and freed on a parent-signed $300,000 unsecured bail. Fitzpatrick must avoid interacting with any co-defendant, accomplice, or witness in the case. On March 24, he is scheduled to appear in court in Alexandria.

US v. Fitzpatrick, 23-cr-2171, US District Court, Southern District of New York, is the name of the case (Manhattan).