Recently Chicago Police Department was involved in the shooting of a subject, Alfontish Cockerham. Witnesses claimed he dropped his gun, held his hands up, and police opened fire.
As a result of this, a hacker group has taken on Chicago PD and claims that they are using various cyber attacks against the department including a DDOS (basically overwhelming their networks with traffic to cause a shutdown). They also claim that Chicago PD has suffered a data breach. This information was posted July 4.
From there they have also posted the names, home addresses, ages, income, and phone numbers of various officers along with their LinkedIn profiles, Facebook profiles, and family members.
A little further digging in to this group has found what appears to be their YouTube page with a video claiming they hacked the Indian River Sheriff’s Office in Florida two weeks ago.
The information posted after that video appears to be the same kind of information as the Chicago PD hack (officer’s names, addresses, etc.).
A lot of the info posted appears to be the information that one could glean from various websites that offer some extensive searching capabilities. Spokeo.com is a great example of this. A search on someone there usually turns up others who may be related to your target as well as their home addresses. There’s a possibility that this truly is a data breach–or a clever attempt to make it look like a data breach when in reality it’s just using publicly available information.
The salary information could also have been obtained publicly via the City of Chicago’s salary and employee database. Using this tool one could also track down cops specifically. This is also available as an Excel file you can download and get the names and salaries of 32,182 Chicago employees.
The more we look around, the more it becomes obvious that no data breach probably occurred, otherwise they would be posting information that’s very obviously not publicly available (things like social security numbers and credit card numbers are a favorite).
What this does demonstrate is that in an age of attempts to be transparent and open, those efforts are rewarded with people willing to do a little bit of homework and post officers’ information all over the place. This of course raises other questions like: How can we continue to publish officers’ information when things like this happen? Furthermore, let’s keep in mind all the various frauds and other potential identity theft crimes that are possible when we post information like this. What are we doing to prevent those issues?