[ad_1]
A group whose website was allegedly defaced over the weekend claims to have received stolen data from an American company that provides facial recognition applications to police.
According to TechCrunch, a group called DDoSecrets claimed after someone replaced content on Odin Intelligence’s homepage. The company was named by Wired.com last week in a news story that Odin’s SweepWizard app leaked sensitive data. SweepWizard helps law enforcement agencies coordinate multi-agency raids.
But Wired says that a misconfiguration could allow anyone with a specific URL to access sensitive information entered by the police. The data included personally identifying information about hundreds of police officers and thousands of suspects.
On Sunday, someone replaced the content of Odin Intelligence’s homepage with ‘ACAB’ in upper case. It explains that this stands for “All CyberCops are Bxxrtds”. It also claimed that “all data and backups were shredded.” According to TechCrunch, the tampering note listed three large archive files that allegedly belonged to Odin Intelligence.
According to TechCrunch, a group called Distributed Denial of Secrets describes itself as “a non-profit organization of journalists dedicated to enabling the free transmission of data for the public good.” It states that it now has those files. It is not explained who sent them.
Distributed Denial of Secrets is a site that posts data stolen by others, including Blue Leaks, 269 gigabytes of internal US law enforcement data obtained by hacktivist group Anonymous in 2020.
TechCrunch quotes DDoSecrets co-founder Emma Best. “We received the data the other day and are processing it.”
The Odin Intelligence website was unavailable this morning. The company sells several services to police departments, including his SONAR, an app for registering sex offenders.
According to TechCrunch, Odin’s chief executive, Erik McCauley, did not return an email seeking answers to questions about tampering and apparent violations.
According to Ilia Kolochenko, founder of ImmuniWeb and member of the Europol Data Protection Experts Network, third-party vendors and suppliers are the “Achilles heel of law enforcement.” In general, website defacement is a low-risk security incident for him, most of the time affecting reputation, he said in an email. However, he added: If the intrusion is confirmed, the alleged intrusion could make him one of the most damaging data breaches of 2023, considering the sensitive and confidential information that could have been compromised by the attacker. there is.
“When law enforcement intelligence data falls into the hands of organized crime, it can have tragic consequences for police officers and undercover agents. Not to mention that police investigations may be futile and criminals may ultimately go unpunished… All law enforcement agencies whose breaches may have affected have The types of data that may have been stolen need to be urgently audited to understand and respond to not only the wide range of possible impacts, but also to the third parties involved. will notify you.”
[ad_2]
Source link
