Security News > 2020 > June > Minneapolis Police Department Hack Likely Fake, Says Researcher
"Don't spread disinformation and right now, all signs point to just that - the alleged Minneapolis Police Department 'breach' is fake," he wrote, in an analysis posted on Monday, adding that the data is likely not from the MPD at all, but rather a collection of widely available credentials from earlier breaches, and possibly some made-up combinations, that have been assembled into a new database for the purpose of perpetrating this hoax.
Passwords like the all-lowercase "Linkedin"; "Le"; PIN-like passwords like "1603"; and the notoriously insecure "Password," "Qwerty" and "123456" are all represented.
"Then again, people do stupid things with passwords so it's possible. What's less likely is that a current day official police department system would allow an all lowercase 8-character password."
Bottom line: While many are outraged at the police in Minneapolis and this story feeds a retribution narrative, "The data has almost certainly been pulled out of existing data breaches in an attempt to falsely fabricate a new one," Hunt concluded.
"These may well be legitimate MPD email addresses and the passwords may well have been used along with those email addresses on other systems, but they almost certainly didn't come from an MPD system and aren't the result of the police department being 'hacked.'".
News URL
https://threatpost.com/anonymous-hack-minneapolis-police-department-fake/156171/