Hundreds of thousands of law enforcement officials had their private information exposed as a result of last month’s “BlueLeaks” data dump, a person involved reported Wednesday.
Micah Lee, a member of the advisory board for the group that released the data, published a fresh analysis of its contents nearly a month since the material was first made public.
The leak contains data including the private details for more than 711,000 accounts from across 251 different law enforcement websites that were recently hacked, Mr. Lee reported.
“The vast majority of people who have logins on these hacked websites are law enforcement officers,” he reported for The Intercept, where he serves as head of information security.
The scope of the hacked data varies by the site, but Mr. Lee reported that in many instances it includes private or otherwise sensitive information about law enforcement personnel.
Among the data, he noted, are the details of more than 29,000 accounts for the Northern California Regional Intelligence Center, which itself works with local and federal agencies.
Those details, Mr. Lee noted, include the full name, rank, police department, and home and email addresses, among other information for the nearly 30,000 compromised account holders.
All of the hacked sites were made by a Texas firm, Netsential, and hosted on the same servers and running the same insecure content management system, or CMS, Mr. Lee reported.
“Netsential can confirm its web servers were recently compromised,” the company said in a statement. “We are working with the appropriate law enforcement authorities regarding the breach, and we are fully cooperating with the ongoing investigation.”
The data was released on June 19 by Distributed Denial of Secrets, a transparency group launched in 2018. Mr. Lee sits on the group’s board of advisers with a half-dozen others.
Distributed Denial of Secrets said upon releasing the data that it was provided to the group by a person or persons associated with the loose-knit Anonymous hacktivist movement.
Twitter subsequently banned the transparency group’s account on the social media service for violating its rules against sharing hacked or stolen material. Reddit, consistently one of the nation’s most popular websites, has since removed an online forum dedicated to discussing “BlueLeaks” and the revelations made possible by the material’s publication.
The data remains available online, although German authorities recently seized a server that had been hosting some of it, The Associated Press reported earlier this month.
“I think the bans are simple attempts to slow or stop the spread of the information and news,” Distributed Denial of Secrets co-founder Emma Best told The Intercept. “The fact that the server was seized without a warrant or judicial order and now sits idle while the Germans debate whether or not to let FBI have it simply emphasizes the conclusion that censorship and retaliation, not just investigation, are the driving forces.”
The FBI declined to comment.
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.