This article is more than 1 year old
Step on it, I've got the police on my hack: Anon swipes, leaks online 269GB of crime intel docs from cops, Feds
'BlueLeaks' data lifted after web host biz pwned, we're told
Some 269GB of data stolen from police and the Feds in America has been shared online by miscreants.
Known as BlueLeaks, the info trove consists mostly of crime intelligence material uploaded to what are known as fusion centers. The data was taken by hackers operating under the Anonymous banner, and was bunged on the DDoSecrets data-leaking site for all to see.
#BlueLeaks provides unique insights into law enforcement and a wide array of government activities, including thousands of documents mentioning #COVID19 https://t.co/die52NK2yA
— Distributed Denial of Secrets (@DDoSecrets) June 19, 2020
Fusion center sites, created in the aftermath of the September 11 terror attacks, serve as a way for state and county cops to share information with one another and, more importantly, with the FBI and US Homeland security.
Senator demands deep probe into spyware-for-cops after NSO Group touts hacking toolkit to American plod
READ MOREFor example, the docs in the BlueLeaks dump include bulletins from Homeland Security about tactics terrorist groups could use to side-step security measures and carry out attacks, or information from beat officers about a suspect who has gone on the run.
The authenticity of the leaked data was reportedly confirmed by an internal bulletin from the National Fusion Center Association.
“Our initial analysis revealed that some of these files contain highly sensitive information such as ACH routing numbers, international bank account numbers (IBANs), and other financial data as well as personally identifiable information (PII) and images of suspects listed in Requests for Information (RFIs) and other law enforcement and government agency reports,” the advisory states. El Reg has asked the NFCA for comment.
In that document, the NFCA attributes the leak to a network security breach at a small hosting and web services provider in Texas. It is said an attacker compromised the host's web upload tool to gain access to the files of other customers, including police departments and fusion centers.
Netsential, the hosting provider named in the document, did not respond to a request for comment. ®