A group is claiming it has received stolen data, allegedly from an American firm that supplies a facial recognition application to police whose website was defaced on the weekend.
According to TechCrunch, a group called DDoSecrets made the claim after someone replaced the content of the home page of Odin Intelligence. That company was named by Wired.com last week in a news story saying Odin’s SweepWizard app leaked sensitive data. SweepWizard helps law enforcement agencies co-ordinate multi-agency raids.
But Wired said a misconfiguration could allow anyone knowing a certain URL to access confidential details entered by police about hundreds of sweeps from dozens of departments over many years. The data included personally identifying information about hundreds of officers and thousands of suspects.
On Sunday, someone replaced the content of Odin Intelligence’s home page with the large letters “ACAB,” explaining that is short for “All CyberCops are Bxxrtds.” It also claimed “all data and backups have been shredded.” TechCrunch said the defacement note mentioned three large archive files allegedly belonging to Odin Intelligence.
TechCrunch said a group called Distributed Denial of Secrets, which describes itself as a “journalist non-profit devoted to enabling the free transmission of data in the public interest,” now says it has those files. It doesn’t explain who sent them.
Distributed Denial of Secrets is a site that posts data that others have stolen, such as Blue Leaks, 269 gigabytes of internal U.S. law enforcement data obtained by the hacktivism collective Anonymous in 2020.
TechCrunch quotes Emma Best, co-founder DDoSecrets, saying “We received the data the other day and are processing it.”
This morning, Odin Intelligence’s website was unavailable. The company sells several services to police departments, including SONAR, an app for registering sex offenders.
TechCrunch says Odin chief executive Erik McCauley did not return emails requesting answers to questions about the defacement and apparent breach.
According to Ilia Kolochenko, founder of ImmuniWeb and a member of Europol Data Protection Experts Network, third-party vendors and suppliers “are the Achilles’ heel of law enforcement agencies.” Generally, a website defacement is a low-risk security incident, mostly carrying out reputational consequences, he said in an email. But, he added, “in this case, there are various indicators that the website defacement may be just the tip of the iceberg of a major data breach. If confirmed, the alleged intrusion may be one of the most harmful data breaches of 2023, given the highly confidential and classified nature of the information that could have been compromised by the attackers.
“If law enforcement intelligence data ends up in the hands of organized crime, it may lead to tragic consequences for police officers and undercover agents. This is not to mention that years of complex and resource-consuming police investigations may be wasted and criminals eventually go unpunished … All law enforcement agencies that the breach could have impacted should urgently audit what kind of their data could have been stolen to understand and respond to the broad spectrum of possible implications, as well as rapidly notify concerned third parties.”