The Federal Bureau of Investigation (FBI) has taken down a dark web forum called BreachForums, which was orchestrated by a single hacker from whom cybercriminals purchased stolen personal data.
20-Year-Old New York Man Charged
The Justice Department said that Conor Brian Fitzpatrick, 20, of Peekskill, New York, allegedly operated BreachForums as a marketplace for cybercriminals to buy, sell and trade hacked or stolen data and other contraband since March 2022. Officials called it one of the world’s largest hacker forums with some 340,000 members worldwide.
According to the FBI, items stolen and then resold to other hackers included bank account information, Social Security numbers, hacking tools, breached databases, services for gaining unauthorized access to victim systems, and account login information for compromised online accounts with service providers and merchants.
Federal law enforcement, in conjunction with the U.S. Inspector General’s office for the Department of Health and Human Services, conducted a join operation that brought down the website, officials said.
Fitzpatrick, who was arrested on March 15, made his initial appearance in court on March 24. He faces up to five years in prison on a federal charge of conspiracy to commit access device fraud.
Long List of Victims
Victims included millions of U.S. citizens and hundreds of U.S. and foreign companies, organizations and government agencies. Some of the stolen datasets contained the sensitive information of customers at telecommunication, social media, investment, health care services, and internet service providers.
For instance, on January 4, a BreachForums user posted the names and contact information for approximately 200 million users of a major U.S.-based social networking site. And on December 18, 2022, another BreachForums user posted details of approximately 87,760 members of InfraGard, a partnership between the FBI and private sector companies focused on the protection of critical infrastructure.
Commenting on the case, Deputy Attorney General Lisa O. Monaco said:
“Today, we continue our work to dismantle key players in the cybercrime ecosystem. Like its predecessor RaidForums, which we took down almost a year ago, BreachForums bridged the gap between hackers hawking pilfered data and buyers eager to exploit it. All those operating in dark net markets should take note: Working with our law enforcement partners, we will take down illicit forums and bring administrators to justice in U.S. courtrooms.”
Inside the Operation
Fitzpatrick allegedly created and operated a “Leaks Market” section on the BreachForum website dedicated to buying and selling hacked or stolen data, tools for committing cybercrime, and other illicit material.
He is said to have offered to act as a go-between between hackers on the website interested in transacting in this manner. In addition, Fitzpatrick allegedly managed an “Official” databases section through which BreachForums directly sold access to verified hacked databases by way of a credits system administered by the platform.
As of January 11, the Official database section purported to contain 888 datasets, consisting of over 14 billion individual records. These databases belong to a wide variety of both U.S. and foreign companies, organizations and government agencies. Fitzpatrick allegedly profited from the scheme by charging for forum credits and membership fees.
Fitzpatrick’s arrest comes after a data breach occurred earlier in March at DC Health Link, which administers health insurance plans to members of Congress and their staff members. The leak exposed the data of dozens of Congressional members and 56,000 customers of the health exchange.