BreachForums, Major Personal Data Sales Platform, Seized by the FBI

On May 15, 2024, the FBI, in collaboration with international law enforcement agencies, seized the notorious cybercrime forum BreachForums. This action marks a severe blow to a site that has been a major marketplace for stolen data and hacking tools.

Background and Operation Details

BreachForums is the successor to RaidForums, which was shut down in 2022. The original version of BreachForums, known as Breached, was also taken down in 2023 following the arrest of its administrator, Conor Brian Fitzpatrick (alias Pompompurin). Despite these shutdowns, the forum resurfaced each time, continuing to facilitate illegal activities until the recent seizure​.

BreachForums, which has been operational under various iterations since June 2023, has been a hub for buying and selling stolen data, including personal information and hacking tools. This latest seizure followed the release of files purportedly stolen from Europol’s databases, which spurred a swift response from law enforcement​.

Upon visiting the BreachForums site, users are now greeted with a seizure notice from the FBI and DOJ, emphasizing that the site is under federal control. The notice also displays the avatars of the site’s administrators, ShinyHunters and Baphomet, behind bars, symbolizing their arrest and the disruption of their activities​.

An International Cooperation

The shutdown of BreachForums is a major victory for law enforcement, but it also highlights the resilience of cybercriminal networks. The forum had become a central platform for cybercriminals to trade stolen data, affecting numerous organizations worldwide, including high-profile targets like France Travail, Dell, and Europol.

This operation was conducted by several agencies from the United States, UK, Australia, New Zealand, Switzerland, Ukraine, and Iceland, highlighting the global effort required to combat cybercrime.

Future Implications

While the takedown of BreachForums is a significant achievement, it is expected that similar forums will eventually emerge. The continuous cycle of shutdowns and re-emergence points to the persistent challenge that law enforcement faces in the digital age. Cybersecurity experts emphasize the need for ongoing vigilance and collaboration to mitigate these threats effectively.

However, an analysis by cybersecurity firm Kela indicates a downward trend in activity across successive versions of these forums. RaidForums saw an average of 58,000 posts per month, while Breached and BreachForums registered around 31,000 and 32,000 posts respectively. This decline might suggest a growing difficulty for these platforms to maintain their user base and activity levels amidst increasing law enforcement scrutiny.

Reporting Cybercriminal Activity

In parallel with the site’s seizure, the FBI has set up a dedicated reporting form at breachforums.ic3.gov. This online form enables individuals to report any information related to cybercriminal activities associated with BreachForums. The FBI is currently reviewing the site’s backend data and encourages the public to assist in their investigations by providing relevant information.

While the BreachForums takedown represents a significant disruption to cybercrime activities, the continuous emergence of new platforms highlights the need for sustained vigilance and international collaboration. The cybersecurity community must remain proactive in its efforts to secure data and combat cyber threats, recognizing that each victory, while crucial, is part of a larger, ongoing struggle.

Photo Credit: defensorum – adobestock

Twitter Facebook LinkedIn Reddit Copy link Link copied to clipboard
Photo of author

Posted by

Stan Deberenx

Stan Deberenx is the Editor-in-Chief of Defensorum. Stan has many years of journalism experience on several publications. He has a reputation for attention to detail and journalist standards. Stan is a literature graduate from Sorbonne University, with a master's degree in management from Audencia/University of Cincinnati.
LinkedIn