SECURITY
SECURITY
SECURITY
Law enforcement tools company targeted following alleged data breach
The website of ODIN Intelligence LLC, a provider of law enforcement tools including a sex offender tracking system, was defaced on the weekend after it was claimed that the company was exposing law enforcement data online.
First reported by TechCrunch, the defacement included a message that stated, “ACAB” and “no nations! no borders! we are all illegal.” A further message stated that “all data and backups have been shredded” suggesting that those behind the attack had deleted files on the server hosting the website.
The attack on the company’s website followed a report from Wired on Jan. 11 that claimed that SweepWizard, an application offered by ODIN that is used by police to target sex offenders, is leaking data on the open internet. The report claims that private information about suspects was easily accessible and could be used by suspects to avoid arrest or raise suspicion of people who have not been convicted of any crime.
The data leak is said to have been extensive, including confidential details about hundreds of sweeps from dozens of police departments over multiple years. Data found included identifying information about hundreds of officers and suspects, including home addresses, contact information and occasionally Social Security numbers. The report states that the data “was likely exposed due to a simple misconfiguration in the app,” suggesting another case of incorrectly protected cloud storage.
ODIN was previously in the news last year when it was found to be marketing facial recognition technology for identifying homeless people. The marketing pitch for the ODIN Homeless Management Information System used language that was alleged by some to be callous and degrading.
“Third-party vendors and suppliers are actually the Achilles’ heel of law enforcement agencies,” Dr. Ilia Kolochenko, founder of application security company ImmuniWeb SA and a member of Europol Data Protection Experts Network, told SiliconANGLE. “Per se, a website defacement is a low-risk security incident, mostly carrying out reputational consequences. In this case, however, there are various indicators that the website defacement may be just the tip of the iceberg of a major data breach.”
The alleged intrusion, he added, “may be one of the most harmful data breaches of 2023 given the highly confidential and classified nature of the information that could have been compromised by the attackers. If law enforcement intelligence data ends up in the hands of organized crime, it may lead to tragic consequences for police officers and undercover agents.”
Image: ODIN Intelligence
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
