
German Prosecutors Shut Down ‘BlueLeaks’ Database, Seize Server

Zwickau, GERMANY – Authorities have seized the web servers of the organization that published “BlueLeaks,” a release of more than a million stolen files that included American police officers’ personal information.

“We have received official confirmation that #DDoSecrets’ primary public download server was seized by German authorities (Department of Public Prosecution Zwickau file number AZ 210 AR 396/20),” tweeted Emma Best, the founder of Distributed Denial of Secrets (DDOSecrets). “We are working to obtain additional information, but presume it is re #BlueLeaks.”

“The server was used ONLY to distribute data to the public. It had no contact with sources and was involved in nothing more than enlightening the public through journalistic publishing,” Best wrote in another tweet.

“Don’t worry. I’ve been planning for this for days. And days. And weeks. And years. It was always coming to this. It’s always been going to continue. Nothing is over. Not a thing,” she added.

Then she posted what she claimed was the only information she had received about the seizure.

The BlueLeaks data portal was down at the time of publication.

The DDOSecrets Twitter account has been suspended since shortly after the BlueLeaks data was released.

The treasure trove of police data was hacked from multiple “fusion centers” that act as information-sharing hubs for local, state, and federal law enforcement agencies across the nation and released on the Internet on June 19.

The data was supposedly stolen by the Anonymous group, and it was released in a searchable database by DDOSecrets.

Best told Wired that the hacked files included more than a million emails, audio, video, and intelligence files from more than 200 different police departments.

“It’s the largest published hack of American law enforcement agencies,” Best told Wired in texts. “It provides the closest inside look at the state, local, and federal agencies tasked with protecting the public, including [the] government response to COVID and the BLM protests.”

The leaked files actually span a 24-year period – from August of 1996 through June 19 of this year, according to KrebsOnSecurity.

But the names, emails, addresses, and phone numbers of individual officers that were leaked weren’t even the worst part of the hack.

“Our initial analysis revealed that some of these files contain highly sensitive information such as ACH routing numbers, international bank account numbers (IBANs), and other financial data as well as personally identifiable information (PII) and images of suspects listed in Requests for Information (RFIs) and other law enforcement and government agency reports,” according to a report by the National Fusion Center Association (NFCA) that was obtained by KrebsOnSecurity.

The NFCA report said the data was stolen from Netsential, a Houston-based company that acted as a hub for fusion centers.

“Preliminary analysis of the data contained in this leak suggests that Netsential, a web services company used by multiple fusion centers, law enforcement, and other government agencies across the United States, was the source of the compromise,” the NFCA wrote. “Netsential confirmed that this compromise was likely the result of a threat actor who leveraged a compromised Netsential customer user account and the web platform’s upload feature to introduce malicious content, allowing for the exfiltration of other Netsential customer data.”

Best claimed that the data in DDOSecrets’ database reveals controversial practices by law enforcement and the tone of discussions about groups like Antifa, Wired reported.

“The underlying attitudes of law enforcement is one of the things I think BlueLeaks documents really well,” she wrote in text messages.

“I’ve seen a few comments about it being unlikely to uncover gross police misconduct, but I think those somewhat miss the point, or at least equate police misconduct solely with illegal behavior. Part of what a lot of the current protests are about is what police do and have done legally.”

Best pushed back on criticism that the BlueLeaks data dump included bank account numbers, routing numbers, and personally identifiable information, Wired reported.

She claimed DDOSecrets scrubbed the data prior to its release.

“Due to the size of the dataset, we probably missed things,” Best admitted to Wired. “I wish we could have done more, but I’m pleased with what we did and that we continue to learn.”

But she said they intentionally included the financial information in the database.

“The potential of the data, especially in the long run and when correlated with other datasets, outweighs any downsides to allowing the public to examine it,” Best explained to Wired.

She compared BlueLeaks to the 2011 Anonymous hack by Jeremy Hammond, in which data was stolen from police to support Occupy Wall Street protesters.

Hammond is still serving a 10-year sentence for hacking crimes, according to Wired.

Written by
Sandy Malone

Managing Editor - Twitter/@SandyMalone_ - Prior to joining The Police Tribune, Sandy wrote the Politics.Net column for the Wall Street Journal and was managing editor of Campaigns & Elections magazine. More recently, she was an internationally-syndicated columnist for Conde Nast (BRIDES), The Huffington Post, and Monsters and Critics. Sandy is married to a retired police captain and former SWAT commander.
