Hackers just leaked sensitive files from over 200 police departments that are searchable by badge number

A group of hackers has published hundreds of thousands of files it said were leaked from over 200 police departments and FBI offices across the US, including internal memos, emails, and officers’ personal information.

The data dump, dubbed “BlueLeaks,” was published on Friday by a hacktivist group called DDoSecrets. Many of the documents purport to show how law-enforcement agencies have been sharing information about COVID-19, George Floyd protesters, and even tweets critical of the police.

The files appear to stem from a data breach at Netsential, a Houston-based web-service provider that contracts with state law-enforcement agencies across the US. A memo obtained by the security reporter Brian Krebs said hackers compromised Netsential’s servers and stole files hosted by fusion centers, or state agencies that facilitate information sharing among police departments.

Netsential did not immediately respond to Business Insider’s request for comment.

The leaked files indicate that the FBI and other law-enforcement agencies have been keeping close tabs on social-media accounts that they believe are organizing protests over the death of George Floyd. One unclassified FBI memo to police departments in late May said that “law enforcement supporters’ safety” could be in danger, citing two tweets about destroying “blue lives matter” paraphernalia.

Other internal memos included in the leak showed police departments exchanging information about specific clothing, signs, and cars of protesters deemed potential threats. Police officers have already made arrests after tracking people down using photos taken at protests.

However, the documents don’t appear to include much information about specific officers’ misconduct or complaints about police departments, which are unlikely to be shared among departments via a fusion center.

Similar to WikiLeaks, DDoSecrets says that it acts as a forum to publish leaked information while keeping the identities of hackers a secret and that it is “uninvolved in the exfiltration of data.”

*story by Business Insider