An FBI-run law enforcement portal has been breached by an aggressive hacker group, Crackas With Attitude (CWA). The Law Enforcement Enterprise Portal, known as LEO.gov, is where local and federal law enforcement officials can connect and share information. CWA allegedly broke in to the portal, stole law enforcement officials’ personal data, and posted the information online. They also posted screenshots from FBI Deputy Director Mark Giuliano’s private e-mail account that he shares with his wife.
CWA was in the news last month as well when they hacked into the AOL e-mail account of CIA Director John Brennan.
What Kind of Information Did the Hackers Steal?
CWA spoke with WIRED directly to explain their hack in greater detail. The hackers say they found a vulnerability in LEO.gov that allowed them to gain access to many different law enforcement tools that are used for information sharing. These tools include the Enterprise File Transfer Service, which is used to securely share and transmit files, and Intelink IM, which is a real-time chat tool for users logged into the law enforcement portal.
WIRED reports that the hackers could also have access to arrest records as soon as they’ve been entered into the system, and arrests that are under court seal and won’t be made public for months or years.
One hacker, “Cracka,” told WIRED that they viewed the arrest record of Jeremy Hammond. Hammond is currently serving a 10-year sentence for his 2011 hack in to Strategic Forecasting where he stole private e-mail messages and credit card numbers. Cracka did say, however, that CWA did not look at any other criminal records in the system.
“[W]e wasn’t there to hurt innocent people, just the government,” he said.
Cracka claims that his group is not looking for fame — they allege to be fighting for Palestine. He says they are targeting the U.S. government for funding Israel. A similar sentiment was echoed after the group hacked CIA Director John Brennan’s personal e-mail. The hackers reportedly contacted Brennan directly — when Brennan asked what they wanted, they said, “We just want Palestine to be free and for you to stop killing innocent people.”
While CWA’s actions undoubtedly have government officials on-edge, the group told WIRED that they do not currently have plans to release any more private information.
How Personal Information is Used Remains to Be Seen
It appears that CWA is testing the waters and simply showing the government what they are capable of. By releasing personal information, however, they are putting countless U.S. government officials at risk. CWA may have no interest in using that data for identity theft or other criminal activities, but because it has been released to the public, any individual with less than honorable intentions can take advantage of the situation.
Image courtesy of Flickr user Cliff.