Conor Brian Fitzpatrickowner of the now-defunct website BreachForums, pleaded guilty to charges related to operating a cybercrime forum and possessing child pornographic images.
The development, first reported by DataBreaches.net last week, comes almost four months after Fitzpatrick, aka Pompompurin, was formally indicted in the United States for conspiracy to commit access device fraud and possession of child pornography.
Founded in March 2022, BreachForums operated as an illegal marketplace where members could trade hacked or stolen databases, giving other criminals unauthorized access to targeted systems. It closed in March 2023, shortly after Mr. Fitzpatrick was arrested in New York.
It is estimated that 888 databases with a total of 14 billion individual records were found. Before the forum’s closure he had over 333,000 members.
“The purpose of BreachForums, and Fitzpatrick’s intent in operating the forums, is to commit, abide, and instigate the posting of any trafficking of stolen or hacked databases, including access devices, and the solicitation of offers of databases, including access devices. It was,” according to court documents.
The 20-year-old could face up to 40 years in prison and a total fine of $750,000. Sentencing is expected to be handed down on November 17, 2023.
News of Fitzpatrick’s plea deal comes amid Spanish National Police arrest of Ukrainian man on international wanted list for involvement in 2006-2011 scareware fraud operation after more than 10 years without capture .
The ruling comes after former IT security analyst Ashley Lyles, 28, was sentenced to three years and seven months in prison for attempting to extort her employer during a ransomware attack in 2018. will also continue.
Shielding Against Insider Threats: Mastering SaaS Security Posture Management
Worried about insider threats? We’ve got you covered! Join us for this webinar to explore practical strategies and proactive security secrets using SaaS Security Posture Management.
join today
Lyles, from Hertfordshire, allegedly altered the original ransom email and also changed the payment address provided by the original attackers in an attempt to redirect the ransom payment to himself. He pleaded guilty in April 2023.
“Mr. Lyles, along with other colleagues, worked with police to investigate the incident,” the Southeastern Regional Organized Crime Control Service (SEROCU) said in a press release.
“Using that information, Mr. Lyles launched a secondary attack against the company. changed to.”
