Hackers publish personal data on thousands of US police officers and federal agents

Media outlet Techcrunch reported that a hacker group has breached several FBI-affiliated websites and leaked the stolen info online.

A hacker group claims to have hacked dozens of websites affiliated with the FBI and leaked online dozens of files containing the personal details of thousands of federal agents and law enforcement officers,

The hacker claimed to have stolen “over a million data” belonging to employees across several U.S. federal agencies and public service organizations.

According to TechCrunch, the hacker has breached at least three websites associated with the FBI National Academy Association. The association promotes federal and law enforcement leadership and training located at the FBI training academy in Quantico, VA. The hackers exfiltrated the contents of each web server and uploaded the stolen files on their own website (the name of the site was not disclosed due to the sensitivity of the data).

The files contained roughly 4,000 unique records and many duplicates. Exposed records included member names, personal and government email addresses, job titles, phone numbers, and postal addresses.

TechCrunch spoke to one of the hackers, who didn’t identify his or her name, through an encrypted chat late Friday.

“We hacked more than 1,000 sites,” the hacker told TechCrunch through an encrypted chat. “Now we are structuring all the data, and soon they will be sold. I think something else will publish from the list of hacked government sites.”

When asked if the hackers were worried that the leakage of the files poses a serious risk to federal agents and law enforcement, they said: “Probably, yes,” .

Yesterday I wrote an article to announce the availability of a decryptor for the CryptoPokemon ransomware that was developed by EMSISOFT.

Shortly after the announcement,  the group that created the ransomware replied with a message that informed of the availability of the source code on GitHub:

Follow the link published by the group in their Twitter profile it was possible to see a website containing (what’s the hacker claimed to be) a dump of leaked FBI data that was uploaded yesterday:

“It’s not uncommon for data to be stolen and sold in hacker forums and in marketplaces on the dark web, but the hackers said they would offer the data for free to show that they had something “interesting.”” states
TechCrunch.

“Unprompted, the hacker sent a link to another FBINAA chapter website they claimed to have hacked. When we opened the page in a Tor browser session, the website had been defaced — prominently displaying a screenshot of the encrypted chat moments earlier.”

The hacker claims to be member of a group that used public exploits, a circumstance that suggests the sites were poorly protected and probably not up-to-date.

The hacker also provided evidence to the journalists to have hacked other websites, including a subdomain belonging to manufacturing company Foxconn.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – FBI, Data leak)

[adrotate banner=”5″]

[adrotate banner=”13″]