Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

AntiSec hackers dump data after hacking police websites

10 gigabytes of law enforcment data is dumped after an online marketing firm used by rural Sheriff's is hacked

The war between law enforcement and the Anonymous hacking collective continued this weekend as hackers dumped a 10 gigabyte database that included private e-mails and information sent by confidential informants. Hackers say they stole information during an attack on more than 70 small-town law enforcement agencies.

The hackers, an Anonymous-affiliated group known as AntiSec, say that they hope to "embarrass, discredit and incriminate police officers across the US," in retaliation for ongoing arrests of Anonymous members.

AntiSec said that it had compromised servers at Brooks-Jeffrey, a Mountain Home, Arkansas, company that runs a computer store and online marketing firm. Brooks-Jeffrey Marketing builds websites for sheriff's agencies throughout the southern United States. "It took less than 24 hours to root BJM's server and copy all their data to our private servers," AntiSec said in a statement, posted Saturday.

Brooks-Jeffrey could not immediately be reached for comment.

The hackers had already knocked many of the sheriffs' websites offline last week, but on Saturday AntiSec showed that it had gone beyond mere Web defacement, by posting e-mail messages, passwords, social security numbers, credit card numbers as well as messages from confidential informants.

In the U.S., the criminal investigation of Anonymous is being led by the U.S. Federal Bureau of Investigation. The sheriffs' sites appear to hit simply because they are part of the law enforcement community and because a security flaw at Brooks-Jeffrey made them an easy target for the hackers.

Hackers will often hit third-party service providers as a stepping stone toward more sensitive targets. Earlier this year, online marketer Epsilon Data Management was compromised, forcing dozens of companies, including J.P. Morgan, Verizon, and TiVo, to warn millions of customers that their email addresses had been stolen.

Many of the defaced sheriffs' websites had been restored by Sunday morning. The victims include sheriffs in Arkansas, Mississippi, and Missouri.

The hackers claim to have obtained passwords, contact information and social security numbers from the Missouri Sheriffs' Association's website, which remained offline Sunday.

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert's e-mail address is robert_mcmillan@idg.com

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Epsilon Interactive, Federal Bureau of Investigation, IDG, Morgan, TiVo, TiVo, Verizon, Verizon
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: anonymous, cybercrime, government, legal, Missouri Sheriffs' Association, security
Latest Blog Posts
Whitepapers
  • Risk management: ensuring the security of your hosted information
    Organisations of all sizes are becoming victims to cybercriminals, data breaches, information theft and security risks. But before you go out and spend a fortune on security software, solutions and consultants, the starting point is to identify and measure your business’s exposure to those risks. In this whitepaper, “Exploring, Identifying and Measuring” risk, we examine how to identify risk and share an approach for identifying and measuring risk in your organisation.
    Learn more »
  • Consolidation Without Compromise
    Virtualisation of computer, storage and infrastructure is enabling the transformation of enterprise datacentres into private clouds. The impact is an unprecedented ability to consolidate infrastructure without compromise: no change to service level agreements (SLAs), no loss of performance or scale, and no regression in the organisation’s overall security posture. Read on.
    Learn more »
  • CISO Guide to Next Generation Threats - Combating Advanced Malware, Zero-Day and Targeted APT Attacks
    Over 95% of businesses unknowingly host compromised endpoints, despite their use of firewalls, intrusion prevention systems (IPS), antivirus and Web gateways.1 Today’s attacks look new and unknown to signature-based tools because the attacks employ advanced malware and zero-day vulnerabilities. To regain the upper hand against next-generation attacks, enterprises must turn to true next-generation protection: signature-less, proactive and real time. Read on.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments