Notorious Hacker ‘IntelBroker’ Arrested

A 25-year-old British man named  Kai West has been charged by US authorities for allegedly operating under the alias "IntelBroker," a notorious figure in the cybercrime world responsible for a series of high-profile data breaches. Arrested in France in February.

West now faces extradition to the United States, where he is accused of orchestrating cyber attacks that caused over £18 million in damages worldwide.

Alleged Leader of Cybercrime Kingpin

US federal prosecutors in the Southern District of New York have indicted West on multiple charges, including conspiracy to commit computer intrusions, wire fraud, and accessing protected computers to obtain information. Operating under the pseudonyms "IntelBroker" and "Kyle Northern," West is alleged to have led a hacking group known as "The Boys," targeting over 40 organisations, including major corporations and a US healthcare provider.

West’s activities, spanning from December 2022 to February 2025, involved infiltrating secure networks to steal sensitive data, such as customer lists and patient information, which was then sold or distributed for free on dark web forums, primarily BreachForums.

Prosecutors claim West offered stolen data for sale 41 times and shared it for free or forum credits in 117 instances between 2023 and 2025, causing an estimated $25 million (£18.2 million) in damages.

High-Profile Targets & BreachForums Connection

IntelBroker gained notoriety for claiming responsibility for breaches at major organisations, including Advanced Micro Devices (AMD), Cisco Systems, Hewlett Packard Enterprise, Europol, and Facebook Marketplace, though some claims were reportedly exaggerated. A significant breach in March 2023 targeted DC Health Link, a health insurance marketplace used by members of the US Congress, exposing sensitive personal data.

West allegedly operated as an administrator of BreachForums, a prominent cybercrime marketplace, between August 2024 and January 2025.

The forum, described as an "Amazon for hackers," facilitated the sale and extortion of stolen data. French authorities arrested four other suspected BreachForums administrators in Paris last week, marking a broader crackdown on the platform.

FBI’s Bitcoin Operation

West’s downfall came through a critical error in his operational security. Known for using Monero, a privacy-focused cryptocurrency, IntelBroker was lured into accepting a $250 Bitcoin payment from an undercover FBI agent for stolen data. This transaction, traced to an account linked to West, helped investigators confirm his identity.

Additional evidence included IP address overlaps and YouTube videos watched by West that were later posted by IntelBroker on BreachForums.

Previous Criminal Activities

West’s alleged criminal history extends beyond cybercrime. In 2018, at the age of 18, he was reportedly arrested by UK police for orchestrating hoax bomb threats targeting thousands of schools. This earlier incident suggests a pattern of disruptive behaviour predating his activities as IntelBroker.

Facing Severe Penalties

Currently detained in France, West awaits extradition to the US, where he faces up to 20 years in prison for each wire fraud charge and five years for hacking-related offences. US Attorney Jay Clayton described the IntelBroker alias as responsible for "millions in damages to victims around the world," underscoring the FBI’s commitment to pursuing cybercriminals globally.

FBI Assistant Director Christopher G. Raia called West a "serial hacker" whose actions profited millions in illicit funds. The case highlights international cooperation between US and French authorities, with the latter’s arrests of BreachForums operators signaling a robust response to cybercrime networks.

The arrest of West and other BreachForums operators marks a significant milestone in combating global cybercrime.

Ensar Seker, chief information security officer at SOCRadar, described the apprehension as a "significant milestone" in disrupting a resilient cybercrime marketplace. However, experts note that while IntelBroker’s claims were sometimes overstated, the scale of the operation underscores the persistent threat of data breaches to organisations worldwide.

As West’s extradition approachess, the case serves is a warning to cybercriminals that law enforcement agencies are increasingly adept at tracking and prosecuting those hiding behind online aliases. The takedown of IntelBroker and the continued targeting of platforms like BreachForums reflect a global effort to curb the growing menace of cybercrime.

 Mail Online  |  TechRepublic  |   News9Live  |  DarkReading  |  Computer Weekly  |  Hackread  |  CoinTelegraph

Image: Ideogram

You Might Also Read: 

Prolific Hacking Gang DieNet Presents A Serious Threat:


If you like this website and use the comprehensive 8,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Cybersecurity: The New Catalyst For SMB Growth 
US Seeks To Ban 'Adversarial AI' »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Phoenix TS

Phoenix TS

Phoenix TS offers world-class management, computer, and IT security certification training courses.

Perkins Coie LLP

Perkins Coie LLP

Perkins Coie LLP is an internationalk law firm with offices across the USA and Asia. Practice areas include Privacy and Data Security.

British Insurance Brokers’ Association (BIBA)

British Insurance Brokers’ Association (BIBA)

BIBA is the UK’s leading general insurance intermediary organisation. Use the ‘Find Insurance‘ section of the BIBA website to find providers of cyber risk insurance in the UK.

8MAN

8MAN

8MAN is a leading Access Rights Management (ARM) solution in Microsoft and virtual server environments.

National Agency for Information & Communication Technologies (ANTIC) - Cameroon

National Agency for Information & Communication Technologies (ANTIC) - Cameroon

ANTIC is responsible for regulating the activities of electronic security and regulation of the Internet in Cameroon.

Comarch

Comarch

Comarch is a provider of IT business solutions to optimize operational and business processes. Cyber security solutions are focused on Identity Management and Security Assessment services.

AllegisCyber Capital

AllegisCyber Capital

AllegisCyber is an investment company with a focus on seed and early stage investing in cybersecurity and its applications in emerging technology markets.

Momentum Cyber

Momentum Cyber

Momentum Cyber provides world-class M&A and strategic advice combined with unparalleled senior-level access to the Cybersecurity ecosystem.

Malleum

Malleum

MALLEUM are specialists in penetration testing and security assessments. We think like hackers – and act like them – to disclose discreet dangers to your organization.

astarios

astarios

astarios provide near-shore software development services including secure software development (DevSecOps), quality assurance and testing.

Trellix

Trellix

Trellix is an extended detection and response (XDR) solutions provider created from a merger of McAfee Enterprise and FireEye Products.

Rocky Mountain Cybersecurity

Rocky Mountain Cybersecurity

Rocky Mountain Cybersecurity's mission is to provide value by dramatically improving the cybersecurity posture of our clients and business partners.

Sify Technologies

Sify Technologies

Sify is the largest ICT service provider, systems integrator, and all-in-one network solutions company on the Indian subcontinent.

Accenture

Accenture

Accenture is a leading global professional services company providing a range of strategy, consulting, digital, technology & operations services and solutions including cybersecurity.

SEK Security Ecosystem Knowledge

SEK Security Ecosystem Knowledge

SEK helps companies in the complex path of cybersecurity; in the analysis, detection and prevention of digital threats.

ReformIT

ReformIT

ReformIT is a Managed IT Service and Security provider with many years experience helping companies find the right IT solutions to meet the needs of their businesses.