A group of hacktivists and transparency advocates has leaked online hundreds of thousands of sensitive documents allegedly stolen from more than 200 police departments, fusion centers, and law enforcement agencies across the United States.
Fusion centers were established to allow government entities to share intelligence.
The DDoSecrets group did not steal the information, instead received it from hackers allegedly members of the Anonymous collective.
In a post on Twitter, DDoSecrets explained that BlueLeaks archive includes “ten years of data from over 200 police departments, fusion centers and other law enforcement training and support resources,” and that “among the hundreds of thousands of documents are police and FBI reports, bulletins, guides and more.”
The BlueLeaks dump includes over millions of files including images, documents, video and audio files, text files, emails, and more. BlueLeaks also contained reports on some protests in the US, including the recent Black Lives Matter protests.
According to the popular investigator security Brian Krebs, BlueLeaks results from a security breach at Houston-based web hosting company ‘Netsential Inc,’ where the webserver for National Fusion Center Association (NFCA) is hosted.
“Preliminary analysis of the data contained in this leak suggests that Netsential, a web services company used by multiple fusion centers, law enforcement, and other government agencies across the United States, was the source of the compromise,” the NFCA wrote. “Netsential confirmed that this compromise was likely the result of a threat actor who leveraged a compromised Netsential customer user account and the web platform’s upload feature to introduce malicious content, allowing for the exfiltration of other Netsential customer data.”
NFCA confirmed that the “dates of the files in the leak actually span nearly 24 years — from August 1996 through June 19, 2020 — and that the documents include names, email addresses, phone numbers, PDF documents, images, and a large number of text, video, CSV and ZIP files.”
Netsential confirmed that a threat actor compromised the account of one of its customers and used the web platform’s upload feature to steal other Netsential customer data, including several U.S. police agencies, including Fusion Centers.
(SecurityAffairs – hacking, 5G)