A group of hackers has breached several FBI-affiliated websites and uploaded their contents to the web, including dozens of files containing the personal information of thousands of federal agents and law enforcement officials, TechCrunch has learned.
The hackers breached three sites associated with the FBI National Academy Association, a coalition of different chapters in the United States that promotes leadership and training at the federal and law enforcement levels at the FBI training academy in Quantico, VA. The hackers exploited flaws in at least three of the organization’s chapter websites, which we are not naming, and downloaded the contents from each web server.
The hackers then put the data up for download on their own website, which we are also not naming or linking given the sensitivity of the data.
The spreadsheets contained roughly 4,000 unique records after the duplicates were removed, including members’ names, a combination of personal and government email addresses, job titles, phone numbers, and their postal addresses. FBINAA could not be reached for comment outside of business hours. If we receive a response, we will update this article.
TechCrunch spoke to one of the hackers, who did not give his name, via an encrypted chat on Friday night.
“We have hacked over 1,000 sites,” said the hacker. “Now we are structuring all the data, and it will soon be sold. I think something else will be published on the list of hacked government sites.” We asked if the hacker was concerned that the files they made available for download would put federal agents and law enforcement at risk. “Probably yes,” said the hacker.
The hacker claimed to have “more than a million pieces of information” [sic] on employees of various U.S. federal agencies and public service organizations.
It’s not uncommon for data to be stolen and sold on hacker forums and marketplaces on the dark web, but the hackers said they would offer the information for free to prove they had something “cool.”
Unexpectedly, the hacker sent a link to another FBINAA chapter website that they claimed to have hacked. When we opened the page in a Tor browser session, the website had been defaced, showing a screenshot of the encrypted chat from moments before.
The hacker, one of more than 10, they said, used publicly known exploits, which indicates that many of the websites they accessed were out of date and ran outdated plugins.
In the encrypted chat, the hacker also provided evidence of other damaged websites, including a subdomain that belongs to the manufacturing giant Foxconn. One of the links provided did not require a username or password, but it revealed the back end of a Lotus-based webmail system that contained thousands of employee records, including email addresses and phone numbers.
His ultimate goal: “Experience and money,” said the hacker.