Pierluigi Paganini July 17, 2023

The owner of the BreachForums Conor Brian Fitzpatrick, aka Pompompurin, pleads guilty to hacking charges.

The owner of the BreachForums Conor Brian Fitzpatrick agrees to plead guilty to a three-count criminal information charging the defendant with conspiracy to commit access device fraud, solicitation for the purpose of offering access devices, and possession of child pornography.

BreachForums functioned as a cybercrime marketplace, enabling its members to engage in the solicitation, sale, purchase, and exchange of illicitly obtained or compromised data, along with various contraband items. Traded goods included stolen access devices, cybercrime tools, compromised databases, and services aimed at gaining unauthorized access to targeted systems.

In March 2023, U.S. law enforcement arrested Pompompurin, the agents spent hours inside and outside the suspect’s home and were seen removing several bags of evidence from the house.

The man has been charged with soliciting individuals with the purpose of selling unauthorized access devices. Fitzpatrick was released on a $300,000 bond signed by his parents.

The BreachForums hacking forum was launched in 2022 after the law enforcement authorities seized RaidForums as a result of Operation TOURNIQUET. pompompurin always declared that he was ‘not affiliated with RaidForums in any capacity,’

The maximum penalties for conspiracy to commit access device fraud are 10 years of imprisonment, a fine of $250,000, full restitution, forfeiture of assets as outlined below, a $100 special assessment, and three years of supervised release. The maximum penalties for solicitation for the purpose of offering access devices are 10 years, a fine of $250,000, full restitution, forfeiture of assets as outlined below, a $100 special assessment, and three years of supervised release. The maximum penalty for possession of child pornography is 20 years of imprisonment, a fine of $250,000, full restitution, forfeiture of assets, and a minimum supervised release term of 5 years and a maximum of Life.

The maximum penalty for the three charges is 40 years of imprisonment, a fine of $750,000, and a supervised release between 5 years to life.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Pompompurin)