‘BlueLeaks’ Hackers Do Data Dump, Expose U.S. Cops’ Personal Info

‘BlueLeaks’ Hackers Do Data Dump, Expose U.S. Cops’ Personal Info

By Stephen Owsinski

It has been a tumultuous few years for American law enforcement officers, especially lately, with anti-cop sentiments growing fangs and sniping from putrid platforms unambiguously telegraphing desires to defund, disband and outright abolish police.

As antagonists call to erase the American law enforcement institution while beating their battle drums, behind-the-scenes phantoms with skills to sift through bytes containing sensitive information have been busy, namely targeting U.S.-based police officers’ private information. Sinisterly, they have succeeded in their nefarious endeavor, exposing thousands of cops’ names, photos, banking account information, email addresses, phone numbers, videos, texts, and a bevy of batched files pertinent to police officers and the FBI.

Can only imagine how many of the roughly 900,000 law enforcement officers in the United States have been serving the public since August 1996 forward, as that is how far retro this hack encompasses.

How does such an egregious action transpire? A web development company named Netsential in Houston was essentially responsible for overseeing and safeguarding websites respectively belonging to a host of law enforcement agencies around the country. Akin to the Edward Snowden saga involving WikiLeaks, hackers had a field day after breaching Netsential, and a company that goes by the name of Distributed Denial of Secrets (DDoS) is involved. They’re calling their data dump “BlueLeaks.”

A report by KrebsOnSecurity.com offered the following synopsis: “Netsential confirmed that this compromise was likely the result of a threat actor who leveraged a compromised Netsential customer user account and the Web platform’s upload feature to introduce malicious content, allowing for the exfiltration of other Netsential customer data.” Gotta admire technical skills while also deploring unethical, immoral and potentially deadly outcomes employed by nefarious hackers getting jollies behind a screen.

The Distributed Denial of Secrets site opens with the following proclamation billing itself as a conduit of do-gooders aiming to acquire information and furnishing it to other entities who it deems may be instrumental in exposing it for the public interest: “Distributed Denial of Secrets is a transparency collective, aimed at enabling the free transmission of data in the public interest. We aim to avoid any political, corporate, or personal leanings, and to act as a simple beacon of available information. As a collective, we do not support any cause, idea or message beyond ensuring that information is available to those who need it most: The people.

“While we are happy to serve as an index to data of all varieties, all must meet the following two criteria:

  • Is the data of public interest?
  • Can a prima facie case be made for the veracity of the contents?

“Unless already public, or as authorized by our source, we do not disclose the providing party of any received information, and we are fully committed to ensuring their anonymity from all threats. We can never advise on the perfect procedure for transferring data to us or anyone else, but we can act as a shield for that process and share advice from our experience. Often our role is to not just make data available, but to act as an anonymity guard to pass data to journalists and other figures best positioned to interrogate it.” How’s that for insulating oneself while also skirting responsibility under the premise they are doing good deeds? They sound more like an insurance carrier (underwriting policies whereby they come out unscathed) than a group of data diggers.

Here’s a laughable line from one of their self-centered descriptions and qualifications: “The state of ‘leaking’ organizations has deteriorated, poisoned by their various egos and interests. Our view is that data is a resource and a record—this data can never tell the whole story. We trust the public to be responsible with data and open it to them for rigorous examination of it. Given enough time and data, the truth can always emerge.” So, they are the harbingers of integrity, maintaining a mask, while forwarding personal info to other conduits who offer said material for the public to use responsibly. I suspect they’d want to write their own white paper on hubris and the utter arrogance of others—you know, Teflon-coated and without egos or interests. Doesn’t it take interest to even launch such an entity?

These phantoms skilled at hacking others’ info without invitation and with delusions that they are not doing anything wrong are a laughable lot of intrusive geeks who’d cry if their personal details were hijacked in this way and with this self-indemnifying script.

According to Forbes, someone named Emma Best pulled the trigger on this thing, and “BlueLeaks” is the fruits of her labor. To their credit, Twitter suspended the Distributed Denial of Secrets account over BlueLeaks, a deserving social media jail sentence.  But what about the boatloads of sensitive police information?

In all, 200-plus law enforcement agencies’ data was breached and shared publicly, thanks to the nefarious handiwork of Ms. Best and her company. Question is: What legal recourse do police officials have while they go about building defenses against physical harm, property destruction, and financial ruin?

Years ago, Florida legislated protections for bona fide police officials, fire personnel, prosecutors and judges, statutorily privatizing their personal information such as driver license details. In effect, the aforementioned government professions were granted entitlement to list their workplace address in lieu of personal residence, etc.

Whether by intent or sheer coincidence, the “leaks landed on Friday, June 19, a holiday known as Juneteenth commemorating the end of slavery in the U.S.,” according to Forbes. And among the data leaked publicly are a few details which pose imminent danger to cops: “tactics used to injure law enforcement” stands out among others, to include police intelligence reports. Anyone in possession of any police game-plan regarding government operations to nab violent criminals engenders sabotage and caters peril to our nation’s crime-fighters, period. In this context, BlueLeaks and all those involved in publicizing it have incriminated themselves beyond reckless, especially if any LEO is maimed or killed due to their pangs to jeopardize the police profession.

Colorizing the issue is Washington, DC-based attorney Stewart Baker, whose prior legal services were as assistant secretary of policy on behalf of the United States Department of Homeland Security: “With this volume of material, there are bound to be compromises of sensitive operations and maybe even human sources or undercover police, so I fear it will put lives at risk. Every organized crime operation in the country will likely have searched for their own names before law enforcement knows what’s in the files, so the damage could be done quickly. I’d also be surprised if the files produce much scandal or evidence of police misconduct. That’s not the kind of work the fusion centers do.” The “fusion centers” Mr. Baker refers to are those state and federal-owned criminal justice information centers whose databases house all-things-criminal-justice, excluding the internal wake such as police misconduct cases. This is the tell: the hackers behind this massive public exposure of private records is not necessarily about disclosing bad cops, it’s about poking cops in the eyes and enjoying the fallout born of other emotion-fueled anti-police activists without a care in the world about endangering lives…police family lives.

So, where is the justice in all this muck? There are several ways to investigate this, and rest assured the due diligence of many police personnel among the over 200 law enforcement entities and investigations exposed are already synced with federal law enforcement needling through the labyrinth of underground sorts who derive pleasure by hacking the lives of others. Frankly, the Distributed Denial of Secrets is not entirely a secret. There are insights they offer in code —right on their website touting pride in what they do— from which an equally talented team of hackers working for the government can tap and connect dots until basement hackers are shackled. Dually, cops’ lives and police operations/investigations depend on it.

Leave a Reply