A Canadian man has been arrested and charged in Canada for operating the infamous LeakedSource and selling billions of stolen personal credentials and passwords online. Jordan Evan Bloom, 27, of Thornhill, Ontario, was arrested on 22 December, 2017 and charged with trafficking in identity information, unauthorised use of computer, mischief to data and possession of property obtained by crime, the Royal Canadian Mounted Police (RCMP) said.
The website, which has been operational since October 2015 until early 2017, harvested about three billion stolen identities, user names and passwords from a string of major breaches and sold them for a fee online.
Home to one of the largest online collections of stolen usernames and passwords online, the website collected data from numerous massive data breaches including LinkedIn, MySpace, DropBox and AdultFriendFinder with the website heavily advertised on underground hacker forums.
LeakedSource allowed anyone to purchase a subscription and browse through troves of data breach files. Users could also easily search for a victim's name, username and email address to access other details such as cleartext passwords.
The website was abruptly shut down in late January 2017 with many users speculating that the service had been raided by law enforcement authorities.
Bloom earned an estimated CA$247,000 ($200000, £144,028) through the scheme.
A criminal investigation codenamed Project Adoration began in 2016 when Canadian authorities learned that the LeakedSource website was being hosted by servers in Quebec. The RCMP said it worked with the Dutch National Police and the FBI on the investigation.
According to the RCMP, Bloom was the only operator of LeakedSource.
Bloom is currently in custody and is expected to make a court appearance on 16 February.
Cybersecurity lawyer Imran Ahmad told Reuters that Bloom could face a maximum sentence of five to 10 years in prison. He also suspects that Bloom was probably working with others on the service and that the money collected is likely just a part of the total haul.
"Cyber criminals typically have an underground network of collaborators and given the size of the database and scope of the endeavour, I suspect others were likely involved," Ahmad said.