Want CNET to notify you of price drops and the latest stories?

Massive Online Market for Stolen Data Taken Down by Global Operation

Alleged administrator of RaidForums arrested and charged.

Bree Fowler Senior Writer
Bree Fowler writes about cybersecurity and digital privacy. Before joining CNET she reported for The Associated Press and Consumer Reports. A Michigan native, she's a long-suffering Detroit sports fan, world traveler, wannabe runner and champion baker of over-the-top birthday cakes and all-things sourdough.
Expertise cybersecurity, digital privacy, IoT, consumer tech, smartphones, wearables
Bree Fowler
2 min read

The Department of Justice was part of the international effort to take down RaidForums.


Law enforcement in Europe and the US on Tuesday said they had taken down and seized a massive illegal online market that bought and sold access to databases of millions of credit card numbers and other sensitive information belonging to Americans and others around the world.

The alleged administrator of RaidForums and two other people were arrested in the operation dubbed Tourniquet, which was coordinated by European police agency Europol and brought together law enforcement from the US, UK, Sweden, Portugal and Romania.

Launched in 2015, RaidForums boasted over a half a million users, making it one of the largest illegal markets of its kind in the world, Europol said. Its data came from US companies representing a variety of industries, having been harvested from breaches and other cybercrimes carried out over the past few years.

In addition to credit card numbers, the hundreds of databases included stolen bank routing and account numbers, login credentials and Social Security numbers, the US Department of Justice said.

According to US court records unsealed Tuesday, the US recently received authorization from a judge to seize three domains that hosted the RaidForums website. Also unsealed were criminal charges against RaidForums' purported founder and chief administrator, Diogo Santos Coelho, 21, of Portugal. Coelho was arrested in the UK on Jan. 31 at the US' request and remains in custody pending extradition, the Justice Department said.

The six-count indictment against Coelho charges him with conspiracy, access device fraud and aggravated identity theft. It says that over the past seven years, Coelho controlled and served as the chief administrator of RaidForums, which he operated with the help of other website administrators.

In addition to creating and managing the site, the indictment says Coelho personally sold stolen data on the platform. He also directly facilitated illegal sales by operating a fee-based "official middleman" service where he helped others buy and sell data by verifying the means of payment and files being sold before letting the deal go forward, the indictment says.