German authorities have reportedly seized a server hosting the massive BlueLeaks data dump, which was released earlier in June and exposed thousands of sensitive police department and law enforcement files.
According to a Wednesday report by PCMag, the server was based in Falkenstein, Germany and was seized after a request from the U.S. government. BlueLeaks was published in June by DDoSecrets (Distributed Denial of Secrets), a self-proclaimed “transparency collective” that publishes covert data.
“We have received official confirmation that #DDoSecrets’ primary public download server was seized by German authorities (Department of Public Prosecution Zwickau file number AZ 210 AR 396/20),” said Emma Best, founder of DDoSecrets, in a Tuesday Twitter post. “We are working to obtain additional information, but presume it is re #BlueLeaks.”
The almost 270 gigabytes of data was reportedly collected from 200 police departments, law enforcement training and support resources and fusion centers, which are state-owned entities that gather public safety data. According to reports, the data dates back to 1996 and was obtained in a data breach last month of Netsential, a supply chain company used by fusion centers, law enforcement and other government agencies across the United States.
Best said, the server was only used to distribute data to the public: “It had no contact with sources and was involved in nothing more than enlightening the public through journalistic publishing,” Best said on Twitter.
https://twitter.com/NatSecGeek/status/1280519169151205381
Data included in the leak comes from various agencies, including the Missouri Information Analysis Center (36 gigabytes), Northern California Regional Intelligence Center (19 gigabytes), Joint Regional Intelligence Center (14 gigabytes) and Delaware Information and Analysis Center (13 gigabytes).
The “BlueLeaks” data shed light on police departments, particularly as protests continue to spread across the globe in the wake of George Floyd’s death. After the release of “BlueLeaks,” various Twitter users scoured the data, including reports that point to the FBI’s monitoring of social media activity related to the Black Lives Matter protests.
BEC and enterprise email fraud is surging, but DMARC can help – if it’s done right. On July 15 at 2 p.m. ET, join Valimail Global Technical Director Steve Whittle and Threatpost for a FREE webinar, “DMARC: 7 Common Business Email Mistakes.” This technical “best practices” session will cover constructing, configuring, and managing email authentication protocols to ensure your organization is protected. Click here to registerfor this Threatpost webinar, sponsored by Valimail.