There was no data breach in the cyberattack against Minneapolis Police

Pierluigi Paganini June 02, 2020

Last week a massive distributed denial-of-service (DDoS) attack shut down the websites and systems of Minneapolis, but there is no evidence of a breach.

Over the weekend, Anonymous demanded justice for George Floyd and threatened to ‘expose the many crimes’ of Minneapolis Police. George Floyd was killed by a white police officer by kneeling on his neck for more than eight minutes.

While widespread civil unrest escalated in the US and the protest against the brutality of the police is spreading in the principal cities, Anonymous released a video, threatening Minneapolis Police Department (MPD) that it will “expose your many crimes to the world.”

On Thursday, the city’s website was not reachable due to the cyberattack that was launched as a retaliation for the death of George Floyd.

Most of the operations at the city were restored quickly, the Minneapolis CIO Fadi Fadhil said announced that the city had put on place proactive measures to mitigate such attacks.

“Although these types of attacks are not completely unavoidable, they are fairly common, and the city of Minneapolis has proactive measures in place to respond to and mitigate disruptions when they do occur,” said Fadhil. “The city of Minneapolis IT continues to monitor its cyber platforms to ensure further disruption doesn’t happen again.”

On Sunday, while the turmoil was continuing in the US, alleged members of the group (@PowerfulArmyGR, @namatikure) announced on Pastebin that the site was hacked and leaked the database of email and passwords.

But some security experts argued that the data were not obtained as result of a security breach occurred during the DDoS attack.

The popular cybersecurity expert Troy Hunt, who operates the data breach notification site Have I Been Pawned, raised doubts of the alleged data leak.

Hunt speculates the data was amassed from past data breaches, most of the email addresses in the leak were already present in Have I Been Pawned.

Hunt analyzed the email in the dump and discovered that some email addresses are duplicated and are reported with different passwords, a circumstance that suggests they were originated from different sources and aggregated to appear the result of the Minneapolis Police hack.

“There are 798 email addresses in the data set but only 689 unique ones. 87 of the email addresses appear multiple times, usually twice, but one of them 7 times over.” reads the Hunt’s analysis. “I’ll come back to the passwords associated with that account in a moment, what I will say for now is that it’s extremely unusual to see the same email address with multiple different passwords in a legitimate data breach as most systems simply won’t let an address register more than once.”

Hunt discovered that of the 689 unique email addresses in the list, 654 of them are already in Have I Been Pwned. 

“The conclusion I draw from this is that a huge amount of the data is coming from aggregated lists known to be in broad circulation.” concludes Hunt.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Minneapolis Police, cybersecurity)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment