A hacker institution has breached several FBI-affiliated websites and uploaded their contents to the web, consisting of dozens of documents containing hundreds of federal agents and law enforcement officers’ private records, TechCrunch has found out.
The hackers breached three websites associated with the FBI National Academy Association, a coalition of various chapters throughout the U.S., promoting federal and law enforcement leadership and education placed on the FBI Education Academy in Quantico, VA. The hackers exploited flaws in at least three of the company’s bankruptcy websites — which we’re no longer naming — and downloaded every web server’s contents.
The hackers then placed the records up for download on their very own website, which we’re also now not naming or linking to, given the sensitivity of the documents.
The spreadsheets contained about four 000 specific facts after duplicates had been eliminated, along with member names, a mix of private and authorities electronic email addresses, task titles, telephone numbers, and their postal addresses.
The FBINAA could not be reached for comment outside of enterprise hours. In a statement Saturday, the FBINAA stated it was working with federal authorities to investigate the breach. “We consider we have identified the 3 affected Chapters that have been hacked, and they’re currently running checks on the breach with their statistics safety government.”
TechCrunch spoke to one of the hackers, who didn’t become aware of his or her name, through an encrypted chat overdue Friday.
“We hacked an extra than 1,000 websites,” stated the hacker. “Now we are structuring all of the facts, and soon they will be sold. I think something else will be submitted from the listing of hacked government websites.” We requested that if the hacker became involved that the documents they placed up for download could put federal dealers and law enforcement at risk. “Probably, sure,” the hacker said.
The hacker claimed to have “over a million information” [sic] on employees throughout numerous U.S. Federal corporations and public service agencies.
It’s no longer uncommon for data to be stolen and offered on hacker boards and marketplaces on the dark web, but the hackers stated they would offer the facts without spending a dime to expose that they had something “thrilling.”
Unprompted, the hacker sent a hyperlink to every other FBINAA chapter website they claimed to have hacked. When we opened the web page in a Tor browser session, the internet site was defaced, prominently displaying a screenshot of the encrypted chat moments in advance.
The hacker — one among more than ten, they said — used public exploits, indicating that most of the websites they hit weren’t up-to-date and had outdated plugins.
In the encrypted chat, the hacker also supplied evidence of different breached websites, consisting of a subdomain belonging to the production giant Foxconn. One of the hyperlinks provided did not need a username or a password. However, it revealed the return key to a Lotus-based webmail gadget containing lots of worker information, such as email addresses and phone numbers.
