269 GB of data from police departments across the United States has been publicly released by a hacktivist group going by the name Distributed Denial of Secrets (DDoSecrets).
DDoSecrets, sometimes called an alternative to WikiLeaks, published the 269 GB collection last week. Dubbed “BlueLeaks”, the collection contains data from over 200 US law enforcement agencies and likely includes highly sensitive information. It is also publicly available on a searchable website. DDoSecrets is a known hacktivist group that publishes hacked data, and claims to have received the information from the infamous hacktivist group Anonymous.
“Distributed Denial of Secrets (“DDOS”) is a transparency collective, aimed at enabling the free transmission of data in the public interest. We aim to avoid any political, corporate or personal leanings, and to act as a simple beacon of available information. As a collective, we do not support any cause, idea or message beyond ensuring that information is available to those who need it most – the people,” is how the group describes itself on its official website. It claims to not get involved in hacking, but rather to provide a platform for stolen data to be published.
In a Twitter post, the group said the BlueLeaks data dump, released on Juneteenth (June 19th), contains “ten years of data from over 200 police departments, fusion centers and other law enforcement training and support resources”. The data includes police and FBI reports, bulletins, guides and more. Fusion centers are entities that allow law enforcement agencies to share information, resources, and expertise with one another in order to prevent criminal and terrorist activities.
According to an internal alert by the National Fusion Center Association (NFCA) obtained by KrebsOnSecurity, the data dump contains 24 years' worth of data (from August 1996 to June 19, 2020), and includes information such as names, email addresses, phone numbers, PDF documents, images, text, video, CSV and ZIP files. Furthermore, some of the files contain highly sensitive information such as ACH routing numbers, international bank account numbers (IBANs), other financial data, personally identifiable information and images of suspects.
It is suspected that the leak originated from a security breach at Netsential, a web development firm that handles websites for many law enforcement agencies.
“Netsential confirmed that this compromise was likely the result of a threat actor who leveraged a compromised Netsential customer user account and the web platform’s upload feature to introduce malicious content, allowing for the exfiltration of other Netsential customer data,” the NFCA alert read.
Leaked data could be exploited by cyber criminals
Stewart Baker, an attorney at Steptoe & Johnson LLP, noted that the leaked documents are unlikely to reveal much information on police misconduct, but could disclose highly sensitive information related to investigations. This, according to Baker, could potentially lead to investigations being compromised, and lives put at risk.
“Every organized crime operation in the country will likely have searched for their own names before law enforcement knows what’s in the files, so the damage could be done quickly. I’d also be surprised if the files produce much scandal or evidence of police misconduct. That’s not the kind of work the fusion centers do,” Baker said.