Several FBI-affiliated websites have faced breaches in security. The breaches have resulted in massive data leaks. These data leaks contain personal data of around a thousand law enforcement agents. The data has been uploaded to public domains and is available for public disclosure.
A hacker group compromised the security of three websites that are linked with the FBI National Academy Association. The Academy association is a collaboration of different departments which uphold and teach law enforcement leadership skills at the FBI training academy in Quantico, Virginia.
Hackers targeted the flaws and loopholes in the law enforcement institute’s sub-domain websites. Sources are keeping the names of the websites hidden due to the nature of work that the websites do. The hackers downloaded a lot of back end data from the servers of each website.
Furthermore, after downloading that data, they uploaded that data on their own website. Sources are not leaking the name of the hackers’ websites to avoid further security leaks.
The data is available in spreadsheets. After removing duplicitous content around 4000 entries were found which contained pretty sensitive data such as the names, government email addresses, job titles, phone numbers, and their postal addresses. So far, the FBINAA has not given us any statement regarding the situation.
Hacker gives a statement in Chat
According to a hacker’s chat with the sources, who kept his identity hidden and discrete, “We hacked more than 1,000 sites,” said the hacker. “Now we are structuring all the data, and soon they will be sold. I think something else will publish from the list of hacked government sites.” Sources asked the hacker whether this act will put law enforcement agents in any danger or risk? The hacker replied in the affirmative.
He further said in his chat that they have “over a million data.” (sic) on law enforcement agents across different agencies and organizations.
Although, it’s not the first instance of data of law enforcement being sold on the deep and/or dark web. However, this time hackers are not putting a price tag on this data leak and are offering it for free to show off something “interesting.”
The hackers also gave a link to a website, which when opened in Tor browser showed that the link belonged to a sub-domain website of the FBINAA. The website was seen to be tampered with showing the screenshots of the chat between the hacker and the sources.
Furthermore, the hackers claimed that their group was 10 in number and they hit the websites using public terminals, in order to exploit and leak the personal data. This indicates that the websites were outdated and didn’t have the latest plugins.
Experience and Money
Moreover, the hacker gave evidence of the other breached websites, which also included a subdomain of Foxconn. The links contained a link which was accessible without a username password. This particular link gave access to a webmail system based on Lotus. This system contained agent records, which contained phone numbers and email addresses.
According to the hacker, their end goal is “Experience and money.”
Let us know what you think about the hacker situation in the comment section below!
Also, read about Apple’s legal stand against the FBI in Tim’s Cook biography.