‘BlueLeaks’ Hacked US Police Data Removed In German Takedown

Matthew Broersma,
police handcuff security crime keyboard © Oleksiy Mark Shutterstock

Zwickau public prosecutor confiscates server used to distribute hundreds of gigabytes of data hacked from police forces across the US

A cache of decades’ worth of US police records has been taken offline after German police shut down a server belonging to an activist group.

The server in question was located in Zwickau and was taken offline at the request of the city public prosecutor’s office, the Distributed Denial of Secrets group.

DDoSecrets posted the information, which it said it received from third-party hackers, amidst widespread protests against police brutality and racism.

It called the data “BlueLeaks” in a reference to whisteblowing organisation WikiLeaks.

security, hacking, blueleaksPolice data

“We have received official confirmation that #DDoSecrets’ primary public download server was seized by German authorities (Department of Public Prosecution Zwickau file number AZ 210 AR 396/20),” commented Emma Best, an investigative journalist working with DDoSecrets.

“We are working to obtain additional information, but presume it is re #BlueLeaks.”

Best added that the server was only used to distribute data to the public and had no contact with sources.

The server was “involved in nothing more than enlightening the public through journalistic publishing”, she said.

DDoS said it had received the massive 269GB trove of data, containing more than one million files, from the Anonymous hacker collective.

Twitter ban

The documents are thought to have been obtained from Netsential, a Houston company that provides digital services to law enforcement and government agencies.

The BlueLeaks portal went live on 19 June, giving access to scanned documents, videos, emails, audio files, training materials, law enforcement alerts and other materials from more than 200 US police departments and law enforcement fusion centres.

The documents are believed to contain detailed personal information on law enforcement officers and suspects, as well as past and ongoing investigations, which could expose individuals to fraud and security threats.

As a result, Twitter last month imposed a permanent ban on the DDoSecrets account, saying the group had violated its rules on providing links to private data and hacked material.

Twitter also began blocking its users from sharing links to the BlueLeaks portal.

US authorities said last month they were looking into the BlueLeaks breach.