Security News > 2020 > June > Report: ‘BlueLeaks’ Exposes Sensitive Data From Police Departments

Thousands of sensitive police department files - including police and FBI reports - were published on Friday by DDoSecrets, a self-proclaimed "Transparency collective" that publishes covert data.

DDoSecrets said on Twitter that it contains ten years of data, from over 200 police departments, law enforcement training and support resources and fusion centers, which are state-owned entities that gather public safety data.

According to a Wired report, DDoSecrets obtained the data from a person self-represented as "Capital A Anonymous." A report by KrebsOnSecurity, which first broke the news, said that the leak itself reportedly stems from a data breach at Houston-based web development firm, Netsential, which maintains a number of state law enforcement data-sharing portals, according to the NFCA's report.

Security experts say that the government needs to be more careful in relying on third-parties to have access and control over data - particularly sensitive data.

"The BlueLeaks hack is the latest example of malicious actors targeting third-party vendors to access sensitive government data," Mike Rieme, global chief security architect at Pulse Secure said via email, "Despite the fact that poor security practices among contractors often result in larger breaches like this one, which included data from over 200 law enforcement agencies, reliance on third-party entities to manage data and digital services continues to grow in the government sector."

News URL

https://threatpost.com/report-blueleaks-exposes-sensitive-data-from-police-departments/156806/