View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Huge Data Dump of Police Files Dubbed “Blue Leaks” Leaked Online

"The eventual outcome of this leak will likely have disastrous effects for many innocent people"

By claudia glover

Nearly 270 gigabytes worth of sensitive files including FBI, “fusion center” and police department data from across the US dubbed “Blue Leaks” has been stolen and leaked online on June 19 by a collective called DDoSecrets.

Fusion centres are hubs for threat and intelligence sharing. The concept was created after September 11, in a bid by the Department of Homeland Security to improve cooperation between state, local, and territorial law enforcement

The National Fusion Centre Association (NFCA) says that the data was taken after a security breach at web development firm Netsential in Houston, Texas. It includes 490 documents pertaining to the UK. Computer Business Review was not immediately able to open these to assess the contents.

DDoSecrets stated that the Blue Leaks archive spans “ten years of data from over 200 police departments, fusion centres and other law enforcement training and support resources […] among the hundreds of thousands of documents are police and FBI reports, bulletins, guides and more”.

Investigative security news site KrebsOnSecurity obtained internal analysis by the NFCA, confirming the validity of the leaked data. The Association divulged that the data goes as far back as August 1996 all the way through to its release on June 19, or Juneteenth; Emancipation day in America.

Blue Leaks  Data Dump

The NFCA alert said the document dump includes a large number of  text, video, CSV and ZIP files, including “highly sensitive information such as AHC routing numbers, international data bank account numbers (IBANs) and other financial data as well.”

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

It also includes agents’ names, phone numbers, email addresses, images, PDF documents and more.

“Netsential confirmed that this compromise was likely the result of a threat actor who leveraged a compromised Netsential customer user account and the web platform’s  upload feature to introduce malicious content, allowing for the exfiltration of other Netsential customer data”.

What Will Happen With the Data?

The effects of the data leak have had a mixed reception.

While the date of release and the subject of the data points towards hacktivism on the side of the Black Lives Matter protesters, many are denouncing the act as dangerous, expressing worry for those whose sensitive information has been leaked.

Founder and CEO of web security company ImmuniWeb Ilia Kolochenko explained his take on the leaks:

“The eventual outcome of this leak will likely have disastrous effects for many innocent people. First, it will likely inflict irreparable reputational, financial and even physical harm to suspects and people charged with crimes who later were acquitted in a court of law.

“The underlying motives of the publication are obscure for the time being […] Given the surrounding technical circumstances of the leak, it may be reasonable to suppose that the perpetrators have left numerous traces and digital footprints while exfiltrating the data and publishing it online.

“From a technical standpoint, it is a painful reminder that third-party security is essential to protect your organization from cyber threats in 2020”.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.