Pierluigi Paganini
January 30, 2016
A data dump related to a US police association has been leaked online, as well as a backup containing personal information belonging to the member of a forum.
The data dump results from the data breach suffered by the “Fraternal Order of Police” (FOP) organization, which is “the world’s largest organization of sworn law enforcement officers, with more than 325,000 members in more than 2,100 lodges.”
This FOP’s data dump, a 273MB zip archive, includes hundreds of police contracts and thousands of private forum posts by US law enforcement members. The zip file contains two database backups of the forum and entire website of the Fraternal Order of Police (FOP). The total amount of data leaked is roughly 2.5GB in size, but White claims to have 18TB of sensitive material that he has not released.
The man posted an encrypted data dump as insurance, giving the password revealing that password to access it is held by an unnamed third party who will release the precious data if anything happens to White.
The file is shared online as a Magnet/Torrent file, the data dump is served by the Thomas White website, a Briton who goes under the handle The Cthulhu.
“Today I released some files from the Fraternal Order of Police, allegedly the largest union-type body in the US representing sworn-in police officers. Since then, many groups have shared it over social media and other means, for which I thank all who have donated their bandwidth to seed the files over the torrent.” states White’s blog post.
The White’s website is known to security experts, it hosted in the past data resulting from the Hacking Team hack, Ashley Madison and crowd-funding site Patreon data breaches.
This data breach is creating havoc among US law enforcement, because of the content of some posts. Someone tried to threaten White that ignored the menaces and tweeted screenshots of threatening emails he received.
White avoided providing details on the origin of the source, in a message to law enforcement he said:
“I understand you are investigating the case. You are free to email me at any point with any questions you may have and we can arrange a time to talk in a civil manner if you desire, but the meeting is to take place within the UK, as I am a UK citizen. Furthermore, as I am liberty to post the data, I advise against seeking any kind of revenge action as it will be quite fruitless. I have removed all traces back to the source and so investigating me will not lead back to whomever carried out the attack. Furthermore, due to the confidentiality I owe my source, I will not be revealing him/her or any further details of our connection or conversation either.”
The FBI is currently investigating the hack.
The archive is available at the following link:
https://archive.is/8tuPP#selection-11.0-11.35
(Security Affairs – data breach, Fraternal Order of Police)
