Share this article on:
The US government is pushing to see the creator of former hacking forum BreachForums put behind bars for 15 years.
The lead administrator and creator of BreachForums, Conor Brian Fitzpatrick, was charged with one count of conspiracy to solicit individuals to sell unauthorised access devices when he was arrested on 15 March 2023.
Following his arrest, Fitzpatrick admitted to his actions, leading to his release on a US$300,000 bond as he awaited the courts.
However, Fitzpatrick was once again brought into custody after breaking his bond terms by using a VPN to go online on an unmonitored device.
The former administrator is due for his final sentencing on 19 January, with the US government proposing that he face 188 months or roughly 15.7 years behind bars.
“The defendant’s administration of BreachForums played an instrumental role in bringing together more than 300,000 members to solicit, distribute, and access thousands of breached databases containing the stolen data of hundreds of companies, organisations, and governmental organisations of varying size and the PII of millions of US persons,” said the proposal documents.
“By creating a platform for hackers and fraudsters to connect and conduct business, the defendant made it possible for BreachForums members to commit exponentially more crimes and more sophisticated crimes than any could have done alone.”
In addition to his crimes, the FBI also discovered 26 files containing child pornography on an SSD that was seized.
The almost 16-year sentence is on the lower side of recommended sentencing for the charge, likely as a result of his cooperation combined with other potential factors such as plea deals, lack of a history of violent crime and more.
The US government added that BreachForums and, thus, Fitzpatrick encouraged the sale and leak of stolen data.
“The defendant’s middleman service substantially facilitated and encouraged the dissemination of hacked or stolen data through BreachForums because it enabled purchasers and sellers to verify the means of payment and contraband files being sold prior to executing the purchase and sale,” the proposal document continued.
BreachForums is an infamous clear web forum in which threat actors and potential buyers would advertise and trade stolen data. According to BleepingComputer, the official databases section had 888 stolen databases alone, which contained over 14 billion unique records.