Western law enforcement agencies have dismantled an online marketplace used to buy and sell hacked and stolen personal data belonging to millions of people, and have charged the platform’s founder and chief administrator, officials announced Tuesday.
Authorities say the RaidForums website trafficked in hundreds of databases of sensitive data, including credit card and Social Security numbers and bank account information, that had been hacked or stolen from victims.
In addition to seizing three domains that hosted the website, officials have also arrested 21-year-old Diogo Santos Coelho of Portugal, who prosecutors say controlled and administered the platform between 2015 and this past January, when he was taken into custody in the United Kingdom. The U.S. is seeking his extradition to federal court in Alexandria, Virginia , on charges including conspiracy, access device fraud and aggravated identify.
“The takedown of this online market for the resale of hacked or stolen data disrupts one of the major ways cybercriminals profit from the large-scale theft of sensitive personal and financial information,” said Assistant Attorney General Kenneth A. Polite, Jr., head of the Justice Department’s criminal division, said in a statement.
The site, founded in 2015, offered special access and features for members willing to pay and enabled members to earn credits through means that included posting instructions on how to commit illegal acts, officials said.
“Disruption has always been a key technique in operating against threat actors online, so targeting forums that host huge amounts of stolen data keeps criminals on their toes,” said Edvardas Šileris, head of Europol’s European Cybercrime Centre. “Europol will continue working with its international partners to make cybercrime harder — and riskier — to commit.”
The FBI and Justice Department and other Western law enforcement agencies, including Europol and agencies in Sweden, Portugal, Germany and the UK, were involved in the operation.
