$700,000 for a Single Forum Post? Court Says Hacker Must Pay
He was an escrow agent in the dark market — and became collateral in the courtroom.
He was an escrow agent in the dark market — and became collateral in the courtroom.
Connor Brian Fitzpatrick, known online as “Pompompurin,” and a former administrator of the cybercrime forum BreachForums, has agreed to pay nearly $700,000 as part of a civil lawsuit filed by an insurance company whose client data was listed for sale on the forum. This ruling marks a rare precedent — arguably the first time a hacker directly tied to a data breach has faced civil liability and lost funds to compensate victims.
The incident that triggered the lawsuit took place on January 18, 2023, when posts appeared on BreachForums advertising the sale of tens of thousands of records containing Social Security numbers, birthdates, addresses, and phone numbers of clients from California-based insurer Nonstop Health. After a class action was initiated against the company, attorneys added Fitzpatrick as a third-party defendant, accusing him of playing a direct role in the breach. This came months after his arrest by the FBI.
Nonstop Health itself agreed to pay $1.5 million in January 2025 to settle the class action claims. Fitzpatrick's $700,000 liability will now be made available to victims who file compensation claims.
According to Jill Fertel, head of cyber litigation at law firm Cipriani & Werner and representative of Nonstop Health, this is the first known case where a breach-related actor has faced civil accountability. Former federal prosecutor Mark Rush, now with cyber firm Unit 221B, emphasized how rare it is to not only identify a hacker but also locate funds that could be used to repay victims.
Despite pleading guilty to possessing over 600 CSAM images (child sexual abuse material) and running BreachForums, Fitzpatrick was sentenced in January 2024 to time served and 20 years of supervised release. Prosecutors found this too lenient and filed an appeal. Court documents later revealed that Fitzpatrick violated release conditions by using a computer without mandated monitoring. He also mocked the charges in Discord messages, claiming he didn’t truly accept guilt despite the plea deal and encouraging others to “sell data to foreign governments” and “become assets for China or Russia.”
In January 2025, the appeals court sided with prosecutors, vacated the prior sentence, and scheduled a retrial for June 3, 2025.
BreachForums launched in March 2022 as a successor to the dismantled RaidForums, quickly amassing over 300,000 users. It became a central marketplace for stolen databases, often involving high-profile leaks. Acting as administrator and escrow agent, Pompompurin personally verified data and facilitated transactions, earning commissions on each deal.
A yearbook photo of Fitzpatrick was uncovered by local outlet Yonkers Times.
Although the FBI dismantled the latest iteration of BreachForums in May 2024 with help from international partners, attempts to revive the platform have continued. Despite criminal charges, underground forums remain active, and ties between hackers and CSAM traffickers continue to be a troubling and persistent issue in the cybercrime ecosystem.
Jill Fertel also noted a disturbing trend: on some dark forums, newcomers are pressured to upload CSAM as a "proof of loyalty" to show they are not undercover agents. According to her, this twisted logic is based on the belief that such actions would be illegal even for law enforcement operatives and thus serve as a “guarantee” of trust.