It’s not clear where the information came from. The information isn’t classified, but it’s likely to have come from a compromised government computer, the group’s other activities appear to suggest, as The Verge reports.
First discovered by Motherboard, the hackers, who go by the name Crackas With Attitude (CWA), have apparently accessed numerous classified law enforcement databases, according to screenshots shared with Wired.
Among the databases leaked: The Joint Automated Booking System (JABS), which includes nationwide arrest records that could be used to identify police informants. They also breached numerous inter-agency intelligence sharing programs including chat apps and secure file-sharing systems, The Verge reports. While none of the data from these programs has been shared publicly, this does suggest the group may plan to make things dicey for government officials.
If this latest breach is legitimate, it gives the hackers access to arrest records as soon as they are entered into the system. This information could be used on gossip sites and other media outlets that break stories about the arrests of celebrities or politicians, Wired notes.
It could, however, be far worse than that.
The system can also include information regarding arrests that have been sealed by courts and which aren’t supposed to be made public for months or years. This can include the arrest of suspected terrorists, gang members, and drug suspects. If members of a terrorist cell or gang gain knowledge of the arrests, this may allow them to evade capture.
Wired talked to a former FBI agent who confirmed that JABS shows all arrests and bookings regardless of how they are sealed. He added that sealed arrest records in which suspects are charged “will only have limited data.” Sensitive records are sometimes removed from the system so that news of an arrest isn’t leaked. Hackers might be removed, he noted, if they are possibly being used as witnesses or sources.
It does take some pretty serious work or threats for the records to be expunged, he added.
One hacker, who goes by the name “Cracka,” wouldn’t identify the vulnerability used by the group to access the portal, because the hackers are still trying to garner more information from the system. What’s notable about this is that Box announced earlier this year that law enforcement has just begun using the site’s file-sharing system for transmitting records, Wired reports. What isn’t clear is if this partnership has some significance regarding the breach. Cracka didn’t respond when Wired specifically asked him about Box.
“Just to clear this up,” he tweeted on Thursday, ” CWA did, indeed, have access to everybody in USA’s private information, now imagine if we was Russia or China.”
Cracka also said the data was leaked to show support for Palestine, Motherboard reports.
In a message on Pastebin, he referenced the war in Afghanistan and the bombing of an Afghan hospital by the U.S.
“I’m the bad guy in the news that’s targeting the U.S. government for funding Israel,” he wrote. “Did you know there was over 26,000 civilian deaths due to war-related violence in the Afghanistan war? Did you know the U.S. military bombed an Afghan hospital?”
CWA also gained access to IC3, a crime-reporting tool used by the FBI, and VCC, a sharing tool used by law enforcement agencies. Cracka wouldn’t say whose account the group hacked, saying only that the owner is someone “high in the [government].”
Motherboard did a bit of checking and was able to verify the accuracy of at least five random numbers in the list.
CWA first gained notoriety in October when they hacked the personal email account of CIA Director John Brennan and plastered the emails all over the Internet, AlJazeera reports. It’s thought that Cracka had a hand in this as well.
Apparently, Brennan’s email was accessed through some fairly uncomplicated social engineering techniques–tricking AOL into resetting the password on his account, The Verge reports.
CWS doesn’t have plans to leak more information any time soon, Cracka told Wired.
