The man behind LeakedSource.com has been arrested in Canada.
According to The Hacker News, Canadian authorities arrested 27-year-old Jordan Evan Bloom in late December 2017 and charged him with trafficking in identity information, mischief to data, unauthorized use of a computer and possession of property obtained by crime. A lawyer said that Bloom faces up to 10 years in prison.
The arrest was made as part of the RCMP’s national cybercrime division investigation, dubbed “Project Adoration.” Krebs on Security reported the investigation began in 2016, when the RCMP learned that LeakedSource.com was hosted by servers in Quebec.
“This investigation is related to claims about a website operator alleged to have made hundreds of thousands of dollars selling personal information,” the RCMP cybercrime investigative team said in a statement. “The RCMP will continue to work diligently with our domestic and international law enforcement partners to prosecute online criminality.”
Launched in 2015, LeakedSource.com collected around 3 billion personal identity records and associated passwords through massive data breaches, including LinkedIn, VK.com, Last.fm, Ashley Madison, Myspace, Twitter, Weebly and Foursquare.
Users could simply enter any email address on the site’s search page to find out if it had a password related to the address. The information was accessible and searchable to anyone for a small fee.
Bloom, who appeared in a Toronto court on Jan. 15, claimed to have earned nearly $200,000 by selling the stolen records via his site.
While LeakedSource.com was shut down and its social media accounts suspended, another website with the same domain name hosted by servers in Russia is still running.
The RCMP said the Dutch national police and the FBI assisted in the operation.