- There’s a lot you can say during sex and also while at Disney World Wednesday 9:34 PM
- Peloton shows 3 positive emails and a Facebook post to prove its ad wasn’t cringe Wednesday 8:23 PM
- Bhad Bhabie accused of cultural appropriation, then criticized Black women with her defense Wednesday 7:23 PM
- Pinterest, the Knot called out for glamorizing plantation weddings Wednesday 6:55 PM
- Subreddit dedicated to dunking on ‘Game of Thrones’ 2019’s most popular TV subreddit Wednesday 6:25 PM
- Jason Derulo is pissed Instagram deleted his risqué bulge photo Wednesday 5:50 PM
- Instagram taking steps to ensure users are over 13 years old Wednesday 5:16 PM
- ‘Trayvon Hoax’ screening canceled after George Zimmerman files lawsuit Wednesday 5:06 PM
- Mailchimp sued for allegedly facilitating sex trafficking Wednesday 3:51 PM
- Republicans, Dems split over right to sue Facebook Wednesday 3:35 PM
- Pete Davidson’s $1-million standup NDA is his best bit yet Wednesday 1:17 PM
- Sex workers fear a Twitter ‘NSFW ban’ is coming in 2020 Wednesday 1:08 PM
- What is a jade roller and do they really help your skin? Wednesday 12:19 PM
- Smoke ’em, pass ’em Week 14: Gearin’ up for the fantasy playoffs Wednesday 11:58 AM
- The internet stans Princess Anne after she refuses to shake Trump’s hand Wednesday 11:24 AM
Largest police union in U.S. struggles to recover after major hack
‘I’m not confident in anything at this point.’
Days after being hit with the largest hack in its history, the country’s preeminent police union is still scrambling for answers.
“I’m not confident in anything at this point,” Jim Pasco, Executive Director of the Fraternal Order of Police, told the Daily Dot Monday over the phone. “I’m not technically oriented, so I don’t know.”
The hack was brought to light Thursday, when an independent security researcher and activist who goes by Cthulhu released a huge cache of FOP data that an anonymous hacker had acquired. It included, among other things, the names of 626,000 current and retired members, contract agreements between FOP divisions and local governments, and contents of private forum conversations between police officers.
“They can only improve my reputation, so I’m not worried.”
From the beginning, the act seemed to baffle the FOP. The organization was unaware of the breach when the Daily Dot first contacted it on Thursday. Later that day, in lieu of issuing a formal statement to the media, FOP president Chuck Canterbury wrote about the hack on the Facebook page of FOP’s Florida chapter. In it, he blamed “the Group known as Anonymous.” In a followup post on the FOP’s national Facebook page, he said that the hacker had used “0Day vulnerabilities,” a reference to a previously unknown vulnerability.
In a post on his website, Cthulhu said these claims are inaccurate.
The FOP hacker in question, while still keeping his identity secret, doesn’t identity with the hacktivist designation Anonymous, Cthulhu claimed, and never indicated he did. Cthulhu also denied that the FOP was breached via a zero-day exploit, or anything resembling a sophisticated hack. Instead, he said, the hacker used an exploit listed among the Open Web Application Security Application’s list of ten common hacks and how administrators can avoid them. “If your ‘computer experts’ have identified the flaw as you claim to have, you should realize you are either lying or have not hired experts if they call it sophisticated,” Cthulhu wrote.
“We’ve not heard directly from the hacker,” Pasco said, so the FOP can’t speak to his motivations. For any number of hacktivists, however, any law enforcement target with a gaping vulnerability would likely be a juicy target.
Either way, it remains all hands on deck for the FOP. The site has been down, at Canterbury’s discretion, since Thursday; ironically, the hacked material has still been available at Cthulhu’s site since then. Canterbury told the Guardian that the Federal Bureau of Investigation had contacted the FOP. Pasco said that the U.S. Department of Justice was also investigating, in addition to FOP’s own investigation.
Pasco added that while he was sorry for the hundreds of thousands of officers named in the hack, the leaked information will likely not affect him on a personal or professional level.
“A hacker got me personally a while back because of something I’d said, so mine [information] was already out there,” he told the Daily Dot. “A lot of it’s not true about me, but most people assume it was. They can only improve my reputation, so I’m not worried.”
Illustration by Jason Reed
A former senior politics reporter for the Daily Dot, Kevin Collier focuses on privacy, cybersecurity, and issues of importance to the open internet. Since leaving the Daily Dot in March 2016, he has served as a reporter for Vocativ and a cybersecurity correspondent for BuzzFeed.