- About 200 police departments in the United States, as well as FBI offices, lost their data due to a breach.
- Hackers targeted and compromised central intelligence collection hubs called “Cyber Fusion Centers”.
- This comes at a particularly difficult moment for law enforcement in the USA, as hackers have additional motives to utilize this data.
About 269 GB of data containing sensitive information from hundreds of American police departments was leaked online last week. The dump was named “BlueLeaks”, and it contains police reports, FBI guides, bulletins, training and support resources, and more. The leaked documents span the last two decades, from August 1996 to June 19, 2020. This means that the breach occurred last Friday, and that it concerns a central entity, as the simultaneous hacking of approximately two hundred police departments is unlikely.
RELEASE: #BlueLeaks (269 GB)
Ten years of data from over 200 police departments, fusion centers and other law enforcement training and support resources. Among the hundreds of thousands of documents are police and FBI reports, bulletins, guides and more. https://t.co/sWzdKc2VFc
— Distributed Denial of Secrets (@DDoSecrets) June 19, 2020
Indeed, the breached entity, according to Krebs on Security, is a ‘Cyber Fusion Center’ in the country, whose role is to gather intelligence for analysis, dissemination, and access. These centers operate under the U.S. Department of Homeland Security and the U.S. Department of Justice. As convenient as a central information access database may be, it comes with the risk of losing everything at once if hackers manage to break in. And in the case of “BlueLeaks”, the data has been confirmed to be valid, so this is not an Anonymous-style leak that recycles previous leaks and presents them as fresh. It is a catastrophic and highly revealing leak.
Krebs looked into samples of the leak and found the following information in the PDF documents, videos, images, CSV and ZIP files that were posted:
- Full names
- Email addresses
- Phone numbers
- ACH routing numbers
- Various PII (personally identifiable information)
- Suspect RFIs (requests for information)
This obviously blows the cover of police agents, reveals the details of law enforcement operations, exposes internal intelligence and infrastructure details, and opens the door to more specific targeting. “BlueLeaks” will now force the entire police network in the United States to reset what can be reset, move to different accounts, and simply absorb the damage where mitigation is impossible.
What this leak doesn’t do is help the ‘Black Lives Matter’ movement and the legal actions brought by human rights advocates in any direct way. The data that’s stored and handled in fusion centers isn’t likely to contain any evidence of police misconduct or scandals. Right now, the situation in America is quite flammable, with violent events taking place in the streets every night, people demanding that their states defund the police departments, and the latter responding with fierce crackdowns where and when they are given a chance. Due to all that, “BlueLeaks” holds an additional significance, and many hackers will use the exposed data to move deeper into the systems of police departments.