UPDATED 23:08 EDT / JUNE 22 2020

SECURITY

269GB of data stolen from US police departments published after ‘BlueLeaks’ hack

Data stolen from hundreds of police departments across the U.S. have been published online in a hack dubbed “BlueLeaks.”

The 269 gigabytes of data was published online by a group calling itself Distributed Denial of Secrets and includes hundreds of thousands of police and U.S. Federal Bureau of Investigation reports, bulletins, guides and more. The data include names, addresses, email addresses, dates of birth, bank account details, images of suspects and more.

According to KrebsOnSecurity referencing an alert from the National Fusion Center Association Cyber Intelligence Network the data was stolen from Netsential, a Houston-based web developer used by police departments.

“Preliminary analysis of the data contained in this leak suggests that Netsential, a web services company used by multiple fusion centers, law enforcement and other government agencies across the United States, was the source of the compromise,” the NFCA wrote. “Netsential confirmed that this compromise was likely the result of a threat actor who leveraged a compromised Netsential customer user account and the web platform’s upload feature to introduce malicious content, allowing for the exfiltration of other Netsential customer data.”

“The analysis from the NFCA shared that nearly 24 years of sensitive information was leaked,” Brenda Ferraro, vice-president of third-party risk at the risk prevention firm Prevalent Inc., told SiliconANGLE. “What is alarming with this particular breach is that it can potentially endanger lives. In this instance, where privacy and loss of life is of concern, continuous third-party risk evaluation specific to web development is key to proactively point out risks within the security domain trifecta of identity, access, and web development management.”

Ilia Kolochenko, founder and chief executive officer of web security company ImmuniWeb, reflected Ferraro’s concerns, saying that “the eventual outcome of this leak will likely have disastrous effects for many innocent people, including people charged with crimes who later were acquitted.

“Furthermore, it will jeopardize legally protected people, like witnesses, who helped investigators convict dangerous criminals,” Kolochenko said. “The disclosure will now literally cause the death of the witnesses if their identity is revealed to the criminals or their bloodthirsty accomplices. Finally, it will substantially hinder the performance of daily law enforcement operations across the entire country, bolstering street crimes and violent crime, exposing thousands of helpless people to the risk of serious bodily injuries and death.”

Photo: Marri Blume/Wikimedia Commons

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU