Some 269GB of data stolen from police and the Feds in America has been shared online by miscreants.
Known as BlueLeaks, the info trove consists mostly of crime intelligence material uploaded to what are known as fusion centers. The data was taken by hackers operating under the Anonymous banner, and was bunged on the DDoSecrets data-leaking site for all to see.
Fusion center sites, created in the aftermath of the September 11 terror attacks, serve as a way for state and county cops to share information with one another and, more importantly, with the FBI and US Homeland security.
Senator demands deep probe into spyware-for-cops after NSO Group touts hacking toolkit to American plodREAD MORE
For example, the docs in the BlueLeaks dump include bulletins from Homeland Security about tactics terrorist groups could use to side-step security measures and carry out attacks, or information from beat officers about a suspect who has gone on the run.
“Our initial analysis revealed that some of these files contain highly sensitive information such as ACH routing numbers, international bank account numbers (IBANs), and other financial data as well as personally identifiable information (PII) and images of suspects listed in Requests for Information (RFIs) and other law enforcement and government agency reports,” the advisory states. El Reg has asked the NFCA for comment.
In that document, the NFCA attributes the leak to a network security breach at a small hosting and web services provider in Texas. It is said an attacker compromised the host's web upload tool to gain access to the files of other customers, including police departments and fusion centers.
Netsential, the hosting provider named in the document, did not respond to a request for comment. ®