Fraternal Order of Police Data Stolen, Leaked

Data purported to belong to The Fraternal Order of Police was leaked online Thursday.

In-brief: The web site of the Fraternal Order of Police, an organization representing law enforcement officers in the United States, was offline Friday after reports that data stolen from the Order was posted online. 

The Fraternal Order of Police has more than 325,000 members in 2100 local chapters. Links to data purporting to belong to the Order appeared Thursday, including a 1 gigabyte archive named “GrandLodge_DB_Backup” and another 7 megabyte archive labeled “Jforum_backup.” The links were circulated via Twitter by The Cthulhu (@CthulhuSec). That account has been linked in the past to Thomas White, a UK-based civil liberties and privacy advocate. White did not respond to an e-mail seeking comment on the link prior to publication. White and The Cthulhu account have been linked to the release of data from previous hacks, including data from the grey hat group The Hacking Team and the crowdfunding site Patreon.

Contacted by The Security Ledger, The Fraternal Order of Police was not immediately available to offer comment on the apparent security breach.

In a blog post, The Cthulhu said the stolen data was provided by an unnamed source as a public service and “in light of an ever-increasing divide between the police groups and the citizens of the US.”

“My role in this is to ensure the information is accessible to all so that a proper analysis may be done by both established media outlets and individual investigators who wish to expose any wrongdoing,” the post reads.

The Security Ledger has not viewed the stolen data. A report from The Guardian says that the dump contains “hundreds of contracts between regional authorities and local fraternal order of police lodges.” Those contracts are rarely subject to public scrutiny and, in recent months, have been targeted as a tool for shielding police officers from disciplinary action.

Further, The Cthulhu claims that the 1 gigabyte of leaked data is a small fraction of the data stolen, which totals 18 terabytes and includes “information that is classified or sensitive.” That data has not been made public, but The Cthulhu issued a veiled warning to “any police found to be interfering with the free press or activists wanting to expose wrongdoing” that their name would be “at the top of the list for material releases”.

The exact mechanism by which hackers obtained the data from the Fraternal Order of Police isn’t known. However, the Order’s decision to take its web site offline suggests that the site may have been the root of the attack – perhaps via an application attack. Surveys of web site security find that well-known vulnerabilities such as SQL injection continue to be common.

A report released this week from the Online Trust Association estimated that nine of every ten data breaches that occurred in the first eight months of 2015 were “easily avoidable” using simple and well-established security practices, such as applying software patches to a server.

One Comment

  1. A Regular Reader

    Paul, I’ve been reading your site for years, and after all this time (and a whole lot of frustration) I wanted to finally bring up an issue that’s been driving me crazy. While I understand the power of SEO and that you want to make sure you get to the top of the IoT and security results on search engines, your hotlinks almost never have anything to do with the actual content they *represent* themselves to point to — instead of linking to the other articles, or the email, or the other people, etc, they almost always point back inwards to general topic links on your site.

    I’m not saying I don’t see the monetary value in this, but it makes your articles barely more than a starting point, when you’re clearly already doing the research already and basically making us re-do the work to follow a topic you bring up instead of linking us to the actual content referred to in your blog posts.

    I don’t really have a right to ask you to stop doing in-links, and I obviously don’t have a right to demand that you do external links to the things you’re actually referring to, but I did want to let you know that it’s driving at least one of your readers that does NOT turn ads off so you get revenue completely bonkers.

    I’m wondering what you might be willing to do to rectify/ameliorate this? If nothing, I guess that’s your right (it is your blog) but on the off-chance you didn’t realize how frustrating it could be I wanted to bring it up in hopes you might consider changing how you do your links.

    Thanks for your time.