MENUMENU

Hackers breach nation’s largest police organization, leak officer data

FOP

The effects of this remain unknown.

A hacker has thoroughly breached the Fraternal Order of Police, the largest law enforcement organization in the country.

The hacker, whose identity is unknown, was able to penetrate a number of FOP files, ranging from union between FOP chapters and local governments to, as the Guardian found, private forums where officers chatted about various topics, including politics. 

The organization claims about 325,000 active members, but a Daily Dot analysis of the files found retired officers’ names included in documents, totaling approximately 626,000 names. A smaller database, with some 90,000 names, included the officers’ dates of birth, location, and whether they’re still active.

A statement posted Friday to the FOP’s official Facebook page says that the attack happened around Jan. 13 or 14, that no member’s Social Security number was compromised, and that many of the hacked materials—presumably a references to the union agreements—were already public.

In a similar statement posted Thursday to the Florida chapter’s Facebook page, FOP President Chuck Canterbury blamed “the Group known as Anonymous” for the attack. He also said that the hack  “appears to have originated outside of the United States.” 

Anonymous is a notoriously amorphous label for hackers, hacktivists, and those who are politically active online; anyone who claims to be Anonymous effectively is. That said, it wasn’t immediately clear anyone using the Anonymous designation had claimed responsibility for the hack. 

Links to the documents were available on Twitter and for download on various torrent sites. A person who goes by Cthulhu shared the documents directly on his website but claims to have obtained the documents directly from the FOP hacker.

In a mock Q&A posted on Cthulhu’s website, he says the purpose of releasing the documents was that “the information is within the scope of public interest, in light of an ever increasing divide between the police groups and the citizens of the US.” He continued: “My role in this is to ensure the information is accessible to all so that a proper analysis may be done by both established media outlets and individual investigators who wish to expose any wrongdoing.”

Cthulhu, who claims to be U.K. citizen, added that he is not anti-police, and he has offered to answer questions pertaining to any investigation surrounding the hack. 

“I believe the police should have corruption exposed as all other places should also have wrongdoing exposed when they are in a public office,” Cthulhu wrote. “However, the information should not be used to attack the police; it should be used to help them address their problems and correct them.”

When first contacted by the Daily Dot Thursday, soon after the hacked documents began to circulate on the Internet, an FOP representative indicated the organization had no idea of the breach, or why it would have happened, but it was deliberating releasing a statement. The FOP didn’t respond to repeated calls on Friday.

Beyond Cthulhu’s statement, it is unclear why the FOP became their chosen target, if there is a particular reason at all. But police in general have long been a common target for hacktivists. And local FOP chapters, which are fairly autonomous, have recently caught negative attention for their criticism of groups that protest police, including vocal civil rights groups like Black Lives Matter. The FOP chapter of Fairfax County, Virginia, for instance, called for a boycott in October of a pumpkin patch because a nearby home prominently displayed a sign that read Black Lives Matter.

FOP.net, the organization’s website, is currently offline—a precaution, the official statement said, taken because of the hack. The site hosting the hacked files is still up as of early Friday evening.

Illustration by Fernando Alfonso III

Kevin Collier

Kevin Collier

A former senior politics reporter for the Daily Dot, Kevin Collier focuses on privacy, cybersecurity, and issues of importance to the open internet. Since leaving the Daily Dot in March 2016, he has served as a reporter for Vocativ and a cybersecurity correspondent for BuzzFeed.