Hackers Reportedly Post Data on Law Enforcement Officers
Breach Response
,
Data Breach
,
Data Loss
FBI National Academy Associates Says Three Chapters Apparently Hacked
Federal law enforcement authorities are investigating an apparent breach of three chapters of FBI National Academy Associates, a nonprofit training and education organization that's independent of the FBI.
See Also: Live Webinar | Passwords: Here Today, Gone Tomorrow? Be Careful What You Wish For.
Attackers claim to have posted data on thousands of law enforcement officers obtained from the organization, according to news reports.
FBI National Academy Associates serves about 17,000 law enforcement personnel who have graduated from the FBI's National Academy Program.
The leaked data includes personal information on more than 23,000 individuals, many of whom work in law enforcement, according to NBC News. The data includes names, job descriptions, email addresses and some street addresses as well as email addresses belong to FBI.gov and other federal, state and local agencies, NBC reports.
Tracking the Breach
The hacking group apparently accessed the data late last week and then posted it on its own website to show that the attack took place, according to TechCrunch, which reported on the incident Saturday.
Since then, the Associated Press and other news organizations report that they saw all or part of the leaked data, but none of the news outlets linked to the data or named the group apparently involved. The group claims to have been active since 2014, according to NBC.
The AP said hacked records belonging to 1,400 law enforcement agencies, including the FBI, Secret Service, Capitol Police, U.S. Park Police as well as state and local agencies, are available on the hacker group's site.
The hacker group's Twitter handle has been removed, although its website seems to be accessible, according to AP.
TechCrunch reports that a hacker claiming to be with the group that hacked FBINAA said the group has "over a million" pieces of data on various law enforcement agencies and is making plans to release more and possibly sell the information.
FBINAA's Investigation
On Saturday, FBI National Academy Associates issued a statement acknowledging it was cooperating with a federal investigation of the apparent breach.
"We believe we have identified the three affected chapters that have been hacked, and they are currently working on checking the breach with their data security authorities," the statement noted. "We have checked with the national database server/data provider and they have assured us that the FBINAA national database is safe and secure.
The statement also said: "In each of these instances, a third-party software was being used by the affected chapters. However, it is still too early to determine if this impacted the breach."
FBINAA declined to offer further comment.
What Happened?
The hacking group may have taken advantage of a web application vulnerability to gain access to the network and then hunt for a database, says Terence Jackson, the CISO of the Washington-based security firm Thycotic Software.
"As more information becomes available, we will likely learn that a vulnerability was exploited in a web application," Jackson says. "Similar to the Equifax breach, this highlights not only the importance of vulnerability management, but also the mean time to detection of unauthorized access."
Karl Steinkamp, a director at Coalfire, which provides cybersecurity consulting, says: "Unfortunately, these types of hacks are becoming more commonplace against not only enterprises, but the federal government. This hack is particularly concerning because it puts law enforcement personnel and others at direct risk by exposing their job descriptions and physical locations and making that information publicly available."
Gloss