Users purchased " credits" (via Bitcoin or Monero) to unlock download links for leaked databases. A database containing 1 million user records might cost 50–500 credits.
This prevents hackers from opening new accounts in your name even if they have your Social Security number. Final Thoughts
The site's impact was felt across various industries, including:
: The original site was launched by "pompompurin" (Conor Brian Fitzpatrick), who was arrested in New York in March 2023. breachforum
Simultaneous raids across the UK and Europe arrested top moderators "Bido" and "Drac."
Databases containing the customer records, source codes, and internal employee directories of global telecom companies, hardware manufacturers, and software firms were routinely put up for auction, often fetching tens of thousands of dollars in Bitcoin or Monero. 4. The First Fall: The Arrest of Conor Brian Fitzpatrick
: A primary feature would be various discussion forums or sections dedicated to different topics related to data breaches, exploits, and cybersecurity. Users purchased " credits" (via Bitcoin or Monero)
For those defending enterprise networks, the BreachForum saga offers critical lessons.
For the average internet user, the lesson is grim: Your data is already out there. Whether stays offline forever or resurrects tomorrow, the breaches it hosted are immortal. The only defense is vigilance, unique passwords, and never trusting a "breach check" from an unverified source.
In late 2022, Pompompurin himself claimed responsibility for breaching InfraGard, a critical infrastructure communication partnership managed by the FBI. The attacker social-engineered their way into an account, vetting themselves as a financial CEO, and subsequently scraped the contact details of over 80,000 members. Final Thoughts The site's impact was felt across
Massive "dumps" containing emails, passwords, SSNs, and credit card info.
Under Fitzpatrick's administration, BreachForums became the epicenter of some of the most consequential data breaches of the early 2020s. The platform boasted an inventory of at least 888 datasets of stolen information containing over 14 billion individual records of personally identifiable information (PII). These datasets spanned telecommunications, social media, investment firms, healthcare services, and internet service providers.
In May 2023, users logged into BreachForum to find a shocking message: Domain seized. This was not a traditional "exit scam" (where admins steal user deposits). Instead, the homepage displayed a banner indicating seizure by the , Secret Service , and Dutch National Police .
Audio Interface Buying Guide
Remember when choosing an audio interface was confusing before you read this?
Read Now ›
Vocal Microphone Buying Guide
It's so easy to record studio quality vocals these days with the right mic...
Read Now ›