A group of activists posted nearly 300GB of data from US police depts, including scanned documents, videos, emails, audio files, & more, online last Friday.
During a time of US civil unrest, a cache of sensitive police data, potentially as much as 300GB, was leaked online Fri., the ‘Juneteenth’ holiday.
This data, including documents from police departments across the US in addition to Fusion Centres, & other law enforcement resources, surfaced via BlueLeaks, a WikiLeaks-esque effort by a group called DDoSecrets.
Fusion Centres, set up after the creation of the US Department of Homeland Security (DHS), are designed to serve as a link between law enforcement & State, Local, Tribal & Territorial (SLTT), federal & private sector partners. The centres – there are 40 state-owned & operated centres in total – parse anti-terrorism data, in addition to criminal intelligence, public & private sector data to identify threats.
A report via KrebsOnSecurity cites internal analysis by the National Fusion Centre Association from Jun. 20, confirming the leak data is legitimate.
According to a post by the DDoSecrets group on Twitter Friday, the information contains “10 years of data from over 200 police departments, fusion centres & other law enforcement training & support resources.”
KrebsOnSecurity says the data actually dates back 24 years, from Aug. 1996 until just recently, Jun. 19, 2020. According to the NFCA, the information includes names, email addresses, phone numbers, PDF documents, images, in addition to text, video, CSV, & ZIP files.
NFCA added that the data looks like it is from Netsential, a Houston-based web hosting company that works with US law enforcement agencies & fusion centres.
“Preliminary analysis of the data contained in this leak suggests that Netsential, a web services company used by multiple fusion centres, law enforcement, & other government agencies across the US, was the source of the compromise,” the NFCA wrote, according to KrebsOnSecurity.
“Netsential confirmed that this compromise was likely the result of a threat player who used a compromised Netsential customer user account & the web platform’s upload feature to introduce malicious content, allowing for the exfiltration of other Netsential customer data.”
The leaked data includes emails & attachments, with information including ACH routing numbers, international bank account numbers, personally identifiable information, images of suspects in requests for information, & other reports, says the NFCA.
The group behind the leak, formed in Dec. 2018, calls itself a ‘transparency collective’ led by journalists “aimed at enabling the free transmission of data in the public interest.”
Yet, while DDoSecrets posted the information, it was unclear where it got it from. In an interview, Emma Best, DDoSecrets founder, explained that the files came from someone either affiliated with or representing ‘Anonymous’, the decentralized international activist group. If true, it is the group’s most public act of hacktivism in a decade & could be an ominous sign of the future!