The Industry’s Only SaaS-Delivered Enterprise DLP

Our unique approach to DLP allows for quick deployment and on-demand scalability, while providing full data visibility and no-compromise protection.

No-Compromise Data Protection is:

  • Cloud-Delivered
  • Cross Platform
  • Flexible Controls
DATAINSIDER

Digital Guardian's Blog

296 GB of Data from Police Departments Leaked Online

by Chris Brook on Monday June 22, 2020

Contact Us
Free Demo
Chat

An activist group posted nearly 300 gigabytes of data from police departments, including scanned documents, videos, emails, audio files, and more, online Friday.

Amid civil unrest, a cache of sensitive police data, potentially as much as 300 gigabytes, was leaked online Friday, the Juneteenth holiday.

The data, including documents from police departments across the U.S. in addition to fusion centers, and other law enforcement resources, surfaced via BlueLeaks, a WikiLeaks-esque effort via a group called DDoSecrets.

Fusion centers, set up in the wake of the creation of the Department of Homeland Security, are designed to serve as an intermediary between law enforcement and State, Local, Tribal and Territorial (SLTT), federal and private sector partners. The centers - there are 40 state owned and operated centers in total - parse anti-terrorism data, in addition to criminal intelligence, public and private sector data to identify threats.

According to a report via KrebsOnSecurity this morning that cites internal analysis by the National Fusion Center Association from June 20, the leaked data is legitimate.

According to a post by the DDoSecrets group on Twitter Friday, the information contains "10 years of data from over 200 police departments, fusion centers and other law enforcement training and support resources."

KrebsonSecurity notes the data actually dates back 24 years, from August 1996 until just recently, June 19, 2020. According to the NFCA, the information includes names, email addresses, phone numbers, PDF documents, images, in addition to text, video, CSV, and ZIP files.

The NFCA added that the data looks like it's from Netsential, a Houston-based web hosting company that works with US law enforcement agencies and fusion centers.

“Preliminary analysis of the data contained in this leak suggests that Netsential, a web services company used by multiple fusion centers, law enforcement, and other government agencies across the United States, was the source of the compromise,” the NFCA wrote, according to KrebsonSecurity. “Netsential confirmed that this compromise was likely the result of a threat actor who leveraged a compromised Netsential customer user account and the web platform’s upload feature to introduce malicious content, allowing for the exfiltration of other Netsential customer data.”

The leaked data also includes emails, attachments - information including ACH routing numbers, international bank account numbers, personally identifiable information, images of suspects in requests for information, and other reports, according to the NFCA.

The group behind the leak, formed in December 2018, calls itself a transparency collective led by journalists "aimed at enabling the free transmission of data in the public interest."

Yet while DDoSecrets posted the information, it was little unclear right off the bat, where it got it from. An interview in WIRED today with Emma Best, DDOSecrets founder, cleared that up: The files came from someone either affiliated with or representing Anonymous, the decentralized international activist group. If true, it’s the group’s most public act of hacktivism in a decade and could be a sign of things to come.

Tags: Data Breaches, Government

Recommended Resources


  • Why Data Classification is Foundational
  • How to Classify Your Data
  • Selling Data Classification to the Business
  • How to simplify the classification process
  • Why classification is important to your firm's security
  • How automation can expedite data classification

Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.