- The horror game banned for mocking China’s president probably isn’t coming back 2 Years Ago
- Cheap vibrators, condoms, and lube: The most satisfying Amazon Prime Day deals Today 3:07 PM
- George R.R. Martin says fan backlash won’t affect his ‘Game of Thrones’ ending Today 3:03 PM
- The very finest Area 51 memes Today 2:52 PM
- Tweet map ranks states where people are boycotting Amazon Prime Day Today 1:54 PM
- Lil Nas X says he will perform at Area 51 for free Today 12:56 PM
- The best Prime Day deals for gamers Today 12:53 PM
- How Republicans are dancing around Trump’s racist tweets Today 12:42 PM
- Not even anti-immigrant groups are defending Trump’s ‘go back’ tweets Today 12:37 PM
- Netflix’s latest chase thriller ‘Point Blank’ lacks electricity Today 12:27 PM
- Jay Inslee floats Megan Rapinoe as his secretary of state pick Today 11:33 AM
- The cast list for the ‘Kingsman’ prequel movie looks totally nuts Today 11:17 AM
- The best Prime Day deals to heat up your kitchen Today 11:16 AM
- YouTuber Emily Hartridge killed in electric scooter crash Today 10:50 AM
- Is Lashana Lynch really playing 007 in the new Bond movie? Today 10:33 AM
Missouri sheriff’s office leaked audio of police informants and victims after ransomware attack
Photo via Kim Siever/Flickr (Public Domain)
Sensitive leaked data crime scene reports, arrest records, and audio files exposing informants and victims.
A data breach at a Missouri law enforcement agency in January left thousands of sensitive records exposed online, including jail incident reports, arrest records, and more.
Security researchers who discovered the breach at the Warren County Sheriff’s Department say the leaked backup files—numbering in the hundreds of gigabytes—also include multiple audio recordings containing police interviews with confidential informants, as well as witnesses and victims of crimes, raising concerns about the safety of the individuals exposed, as well as the integrity of police investigations.
“This type of data is extremely damaging for ongoing cases and to protect crime victims,” said Bob Diachenko at the MacKeeper Security Research Center, which discovered the breach on an unsecured network-storage device and reported it to Warren County in mid-January. MacKeeper said that the audio recordings included cases involving “child molestation allegations, weapons and drug charges.”
Other exposed files reportedly include crime-scene and incident reports, mail archives, detention officer files, and use-of-force reports.
It remains unclear for how long the data was accessible online—or whether the MacKeeper team was the first to discover it—but the breach was secured in February after the researchers contacted the sheriff’s department.
Reached for comment on Thursday, a Warren County employee said that no one authorized to discuss the incident was available.
In a twist, the MacKeeper researchers discovered a number of encrypted records on the unsecured network pointing to an unrelated ransomware attack. The files also included instructions on how to download and install the Tor Browser and pointed to a dark net website where the agency could submit a payment.
“Decrypting of your files is only possible with the help of the private key and decrypt program, which is on our secret server,” a letter to the sheriff’s department said. “Alas, if you do not take the necessary measures for [sic] the specified time then the conditions for obtaining the private key will be changed. If you really value your data, then we suggest you do not waste valuable time searching for other solutions because they do not exist.”
An IT employee at the Warren County Sheriff’s Department told MacKeeper by phone that the agency had fallen victim to a ransomware attack in mid-2016, but reportedly claimed that “no ransom was paid.” MacKeeper told the Daily Dot that the same ransomware instructions had previously been found in other organizations’ backup files similarly exposed online, including a major U.K. investment firm.
“Despite the amount of sensitive information in the backup database what really concerns researchers is the ransomware instructions,” the researchers said, explaining: “Ransomware is computer malware that executes a cryptovirology attack, locks the files and demands a ransom payment to decrypt it. More advanced malware can not only encrypt the victim’s files, but also back up data to a remote server where cybercriminals can review the files to see how valuable or sensitive they are.”
MacKeeper said it could not independently confirm whether the ransom was paid. “This would effectively mean that the citizens of Warren County had their data compromised by cyber criminals who could use the information for fraud or extortion,” they said.“Were citizens or state authorities informed that the data was leaked? Did local authorities pay the ransom?”
In January, MacKeeper unearthed—and helped to secure—a data breach at a major telemarketing firm in Florida. The breach exposed at least 17,000 recorded telephone conversations in which customers provided sensitive information, including their credit card details. In total, nearly 400,000 calls had been left accessible online.
Dell Cameron was a reporter at the Daily Dot who covered security and politics. In 2015, he revealed the existence of an American hacker on the U.S. government's terrorist watchlist. He is a co-author of the Sabu Files, an award-nominated investigation into the FBI's use of cyber-informants. He became a staff writer at Gizmodo in 2017.