Chicago PD Hacked? Probably Not …

Hackers are after your data, and yet so much that could be harmful to LEOs is publicly available

By Elijah Woodward  |   Jul 7, 2015

Recently Chicago Police Department was involved in the shooting of a subject, Alfontish Cockerham. Witnesses claimed he dropped his gun, held his hands up, and police opened fire.

As a result of this, a hacker group has taken on Chicago PD and claims that they are using various cyber attacks against the department including a DDOS (basically overwhelming their networks with traffic to cause a shutdown). They also claim that Chicago PD has suffered a data breach. This information was posted July 4.

Frighsec postFrightsec YouTube

From there they have also posted the names, home addresses, ages, income, and phone numbers of various officers along with their LinkedIn profiles, Facebook profiles, and family members.

A little further digging in to this group has found what appears to be their YouTube page with a video claiming they hacked the Indian River Sheriff’s Office in Florida two weeks ago.

Salary Excel

The information posted after that video appears to be the same kind of information as the Chicago PD hack (officer’s names, addresses, etc.).

A lot of the info posted appears to be the information that one could glean from various websites that offer some extensive searching capabilities. Spokeo.com is a great example of this. A search on someone there usually turns up others who may be related to your target as well as their home addresses. There’s a possibility that this truly is a data breach–or a clever attempt to make it look like a data breach when in reality it’s just using publicly available information.

The salary information could also have been obtained publicly via the City of Chicago’s salary and employee database. Using this tool one could also track down cops specifically. This is also available as an Excel file you can download and get the names and salaries of 32,182 Chicago employees.

The more we look around, the more it becomes obvious that no data breach probably occurred, otherwise they would be posting information that’s very obviously not publicly available (things like social security numbers and credit card numbers are a favorite).

What this does demonstrate is that in an age of attempts to be transparent and open, those efforts are rewarded with people willing to do a little bit of homework and post officers’ information all over the place. This of course raises other questions like: How can we continue to publish officers’ information when things like this happen? Furthermore, let’s keep in mind all the various frauds and other potential identity theft crimes that are possible when we post information like this. What are we doing to prevent those issues?

 

The following two tabs change content below.
Elijah Woodward
Elijah Woodward is the owner of SavageCyberSpace.com, a security consulting company focusing on information and cyber security as well as physical security. He has 10 years of law enforcement experience working in patrol, motors, and community resources. He is a member of the FBI’s InfraGard program, and the High Technology Crime Investigator’s Association. Elijah believes that law enforcement is in a prime position to address the issues of cyber crime and fraud, and it will be cops at the local level who will have the greatest impact on these new crimes as they continue to plague our communities. Reach him at [email protected]