Abu Dhabi, UAESaturday 26 September 2020

Hackers leak hundreds of thousands of documents from US police departments and FBI

Hackers say senstivite files were collected from more than 200 police departments

A large trove of internal files and documents from police departments across the US was released online by hackers last week.

The 269-gigabyte collection contains hundreds of thousands of police department files, including sensitive data.

It was published online on June 19, a holiday known as Juneteenth in the US, which commemorates the day when the last enslaved African Americans learnt they were free.

The hack, called “Blue Leaks”, was posted online by a group that calls itself Distributed Denial of Secrets (DDoSecrets).

The group said the Blue Leaks comprised “ten years of data from over 200 police departments, fusion centres and other law-enforcement training and support resources.

"Among the hundreds of thousands of documents are police and FBI reports, bulletins, guides and more.”

The founder of the group, Emma Best, told Wired: "It's the largest published hack of American law enforcement agencies."

The group focuses on data leaks they believe are in the public interest.

“Our view is that data is a resource and a record,” their website reads. “We trust the public to be responsible with data and open it to them for the rigorous examination of it."

It appears the security breach occurred within fusion centres, which are data collection centres commonly used by police departments to co-ordinate between local and federal levels.

These centres collect and analyse various documents from law enforcement agencies.

Many fusion centres use a US-based web services company called Netsential.

A hack on Netsential appears to be behind the data leak, according to government documents obtained by KrebsOnSecurity, the security blog by US journalist Brian Krebs.

The National Fusion Centre Association confirmed the leak to KrebsOnSecurity and said the leaked documents run from August 1996 through to June 19 this year.

“Netsential confirmed that this compromise was likely the result of a threat actor who leveraged a compromised Netsential customer user account and the web platform’s upload feature to introduce malicious content, allowing for the exfiltration of other Netsential customer data.”

The hacked files were provided to DDoSecrets by another collective of hackers known as Anonymous, Ms Best told Wired.

Anonymous is more than a decade old, born on internet chat forums, but it has experienced an online resurgence this month during global protests against police brutality.

Anonymous has no formal structure or membership, but the group is well known for wearing Guy Fawkes face masks and orchestrating online hacks connected to political events and current affairs.

The self-described "hacktivist" group has taken credit for attacking the CIA, Sony, PayPal and government websites, protesting against matters ranging from WikiLeaks to whaling in Iceland.

Online activists have plunged into the enormous collection of leaked files, sharing their findings using the hashtag #blueleaks.

Updated: June 23, 2020 08:49 AM

Editor's Picks
Sign up to our daily email
Most Popular