Tipsheet

How More Than 200 Law Enforcement Agencies Were Doxxed

The hacker group known as "Distributed Denial of Secrets" on Friday released 10 years' worth of data from more than 200 law enforcement agencies across the nation. The doxxing, dubbed "BlueLeaks," includes "hundreds of thousands of documents," among them "police and FBI reports, bulletins, guides, and more." The documents total 269GB.

The group's Twitter account stated that the information is being released anonymously and that the group took no part in actually obtaining it.

The release was done as protests and riots over the death of George Floyd continue across the nation. DDOS co-founder Emma Best told Wired that people began sifting through the documents to learn more about how law enforcement is tracking and communicating with one another about the protests.

"It's the largest published hack of American law enforcement agencies," Best said. "It provides the closest inside look at the state, local, and federal agencies tasked with protecting the public, including [the] government response to COVID and the BLM protests."

According to Krebs on Security, the data was obtained through a security data breach at a "fusion center." These centers are owned and operated by states and used to send information between law enforcement agencies at various levels, including the state, local, tribal and federal levels. Any agency's private sector partners also have access to the system.

An alert from the National Fusion Center Association stated the data spans more than two decades, from August 1996 through June 19, 2020. The documents contain sensitive information, like names, email addresses, phone numbers, PDF documents and images.

"Additionally, the data dump contains emails and associated attachments," an NFCA alert obtained by Krebs on Security stated. "Our initial analysis revealed that some of these files contain highly sensitive information such as ACH routing numbers, international bank account numbers (IBANs), and other financial data as well as personally identifiable information (PII) and images of suspects listed in Requests for Information (RFIs) and other law enforcement and government agency reports."

PII includes things like a full name, Social Security number, driver's license number, bank account number, passport number and email address.

The agencies with the most data about them in the leaks include:

  • 36 GB Missouri Information Analysis Center
  • 19 GB Northern California Regional Intelligence Center
  • 14 GB Joint Regional Intelligence Center
  • 13 GB Delaware Information and Analysis Center
  • 9.4 GB Austin Regional Intelligence Center
  • 6.6 GB Southeast Florida Fusion Center
  • 5.3 GB FBI Houston Citizens Academy Alumni Association
  • 4.9 GB Orange County Intelligence Assessment Center
  • 2.9 GB Colorado Information Analysis Center

Best said the group spent a week scrubbing personal information for suspects and victims of crimes, but there was a chance they could have missed something. Before releasing the 296GB of data, they deleted 50GB of that personal information.

NFCA stated the hacking occurred when someone created a user account on the Netsential system and then uploaded malicious content that allowed them to obtain the entire system's data.