Friday, 30 August 2013 12:00

August 2013 - Stolen credentials by Hacktivists

Data dump; Stolen credentials

After the bureau claimed authorities dismantled the hacktivist collective, Anonymous responded with a leak of thousands of records containing law enforcers’ personal information.

An FBI agent last week said the 2012 arrests of several activists, lead to a drop in hacking activity.

Now Anonymous has released several documents, with thousands of lines of personal information. “The collective used a restaurant's compromised website, Texas' The Federal Grill, to host them,” CSO reports.

The records appear to be stolen from the FBI’s Regional Forensics Computer Laboratory. “One document contains a list of first and last names, email addresses, location (state), InfraGard status, Operating system type, browser type, and IP address. The document appears to be a registration list taken from a website's database for a law enforcement webinar. A majority of those listed are active law enforcement.”

Plus, there's “a sorted list of 19,329 law enforcement email addresses. This list spans several states and agencies, and many of the email addresses are formatted with the person's name, but others use what seems to be a badge number. . . After that, a list of names, agency assignment, and cell phone numbers (claimed to be BlackBerry), were also published.”

A separate spreadsheet file, titled SWAG, allegedly contains email addresses, phone numbers, and full names for Federal Reserve employees, as well as other information such as employment assignments.

In a statement, the Fed said that the leaked data was likely taken during a breach disclosed earlier this year.

People who viewed the leaked FBI information also questioned its age, speculating that it was taken some time ago and only recently released.

sector

Financial Services; Government (U.S.)

reported

August 26, 2013

reported by

CSO

number affected

Thousands

location of breach

United States

perpetrators

Hacktivists

location of perpetrators

Unknown

date breach occurred

Early 2013

date breach detected

Early 2013 and August 2013