ShinyHunters and team members arrested in France (2)

The following are machine-translated bits and pieces from a fuller news story by Jean-Michel Décugis and Damien Licata Caruso:

The FBI’s arrest of Conor Brian Fitzpatrick, aka “Pompompurin,” in March 2023 dealt a first blow to “Breached.” This American citizen was suspected of being the main manager of the platform, which had temporarily ceased operations. A new management team of five discreet Frenchmen took over, hidden behind screens and pseudonyms.

According to a source close to the investigation, the first hacker, “Intelbroker,” was arrested last February. The other administrators, fearing exposure, suspended the website, which was created in March 2022 to conceal databases siphoned off from companies, last April.

But the BL2C investigation continued, and specialist police officers made arrests earlier this week in Hauts-de-Seine, Seine-Maritime, and Réunion. “ShinyHunters,” “Hollow,” “Noct,” and “Depressed” are accused of harming numerous victims of high-profile data leaks, including Boulanger, SFR, France Travail , and the French Football Federation.

Read more at LeParisien.

Update 1: As expected, more details are emerging in other news outlets. One important detail is that ShinyHunters is suspected of being responsible for the attacks on LVMH, which is the high-end brand associated with Tiffany and Dior, who both reported breaches this year. Although there had been some speculation that Scattered Spider might be responsible for those breaches, it appears that they have been attributed now to ShinyHunters. They are also suspected of being responsible for attacks on the Ministry of National Education, SFR, the French Football Federation (FFF), Boulanger, Accor, France Travail, and Capgemini.

Update 2:  Press statement by the Paris Prosecutor’s Office in French and in English.