United States’ Largest Police Union Servers Hacked, Trove of Data Leaked

America’s Largest Police Union Faces Embarrassment as Hackers Post Private Details of Officers Online

America’s biggest police union the Fraternal Order of Police (FOP), which represents around 330,000 law enforcement officers all over the US, is in the news for all the wrong reasons.

Reportedly, the names/addresses of officers, sensitive forum posts related to Barack Obama, and controversial contracts made with city authorities were posted online by hackers on Thursday after breaching the FOP website FOP.net.

According to the FOP, the FBI was investigating the incident in which 2.5GB of data was stolen from the police union website’s server and was exposed online. The data was swiftly shared by users on social media.

FOP.net is the union’s official website and after the hack attack, the site remained offline until Thursday evening.

The national president of the FOP Chuck Canterbury told Guardian that:

“We have contacted the office of the assistant attorney general in charge of cyber-crime, and officials from FBI field offices have already made contact with our staff.”

Screenshot from the leaked data / Source: Thecthulhu.com
Screenshot from the leaked data / Source: Thecthulhu.com

According to Canterbury, no sensitive personal or financial information of the FOP members was obtained by the hackers and only “some names and addresses were taken. It concerns us. We’re taking steps to try to notify our members but that is going to take some time.”

The hackers also leaked threads from the members-only online forum of the FOP including the threads in which some of the officers expressed anger at President Obama, Sonia Sotomayor (Supreme Court justice) and those “illegals” who were residing in the US without documentation.

For instance, Robert Schafer from Virginia initiated a thread in 2010 in which Obama was described as an “antipolice, anti-law and order President.”

In another such post from 2009, Indiana-based Donald Hartman condemned the FOP head for encouraging the “radical socialist” Sotomayor’s nomination. In the same thread, Tennessee resident Anthony Orlando recommended that FOP head must “follow her head, step down and give their seats to a minority or smart latina.”

FOP’s president Canterbury maintains that the union invited security contractors to investigate and as per their analysis, links of this hack attack were traced to a UK-based IP address.

“They were able to feed our system a pseudo encryption key that the system should not have accepted but did because of software errors,” he endorsed.

The Ohio and Tennessee servers of the FOP were examined during the investigation, which is still underway.

In an online post, someone using the screen name Cthulhu admitted about releasing the files after obtaining them from a source who wished these documents to become public on grounds of keeping the sender’s ID anonymous. As per the post, these documents were posted:

“In light of an ever increasing divide between the police groups and the citizens of the US. Our role is simply to present the material in an unadulterated form for the public to analyse.”

In an exclusive conversation with @CthulhuSec, HackRead asked if he fears the police tracking him? His reply was: 

Oh yeah, they are coming for me. They have had a hard-on for me for a while. The problem they have is getting together a half decent case. As somebody who doesn’t roll over that means they actually really need to pull strings to get even small things to stick. Another problem is that I cannot be bought or negotiated with, I’m far too principled to ignore blatant violations of the democratic process and the protection of that democracy.

However, Canterbury feels that the hack attack is a product of the “anti-police rhetoric; this is just a group that is negative towards law enforcement,” he said. In the posting, Cthulhu denied being “anti-police”.

In the post from Cthulhu, it was also revealed that he/she had 10terabytes of police data still remaining to be exposed. But, Canterbury discarded this claim and insisted that it was impossible to get hold of such an enormous amount of information since the FOP systems didn’t have so much data stored.

The exposure also involved hundreds of contracts that were signed by local fraternal order of police lodges and regional authorities across the US. Some of the deals were criticized severely for shielding police officials from disciplinary action or prosecution for excessive use of force.

According to Brooklyn College’s Sociology professor Alex Vitale, the exposed information related to such contracts would be fruitful because it will shed light on agreements that are usually made behind closed doors.

At the time of publishing this article, FOP.net was still offline.

This is not the first time when a law enforcement security related server was hacked. Last year, a pro-Palestinian hacking group managed to compromise JABS, which is a secret portal responsible for managing federal arrests records of law enforcement agencies.

tumblr_nxgk0iunGd1rsxtpgo1_400

Update: 

The official Twitter account of administrator behind the Cthulhu website is claiming that his server was taken offline and the mobile network was blocking him from accessing his own website. 

 

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.