The Canadian arrested for running leaked credentials site and allegedly selling billions of passwords from major data breaches appeared in his first court hearing on Monday. The man is accused of trafficking in identity information, unauthorized use of computer (s. 342.1 of the Criminal Code), mischief to data and possession of property obtained by crime, announced the Royal Canadian Mounted Police (RCMP).
27-year-old Jordan Evan Bloom from Ontario was identified as the man behind Leakedsource.com, a site hosted on servers in Quebec that collected a database of some 3 million identity records and passwords. Bloom was arrested on Dec. 22 in the Project “Adoration” criminal investigation. According to the RCMP, he made approximately $198,000 from selling identity information.
“This investigation is related to claims about a website operator alleged to have made hundreds of thousands of dollars selling personal information,” said Inspector Rafael Alvarado, Officer in Charge of the RCMP Cybercrime Investigative Team at National Division. “The RCMP will continue to work diligently with our domestic and international law enforcement partners to prosecute online criminality.”
Leakedsource.com appeared in 2015 and it was the largest collection of stolen credentials from major high-profile data breaches such as Ashley Madison, Last.fm, Yahoo, LinkedIn and Myspace. The site was used as a resource by a number of journalists investigating data breaches and leaked records. Although it was taken down, currently the same domain is live but hosted in Russia.
The arrest was part of an international effort between the RCMP’s National Division Cybercrime Investigative Team, Dutch National Police and the FBI.