Distributed Denial of Secrets (DDOS), a WikiLeaks-style organization whose goal is the “free transmission of data in the public interest,” recently leaked about 270 GB of information on more than 200 police departments, fusion centres, the FBI and other law enforcement agencies. The files, collectively named “BlueLeaks,” were supposedly supplied by hackers who are part of the Anonymous hacktivist movement to DDOS. The files appear to originate from Netsential, a web development company based in Texas, which reportedly admitted that a compromised customer account breached them. Journalist and activist Emma Best, one of the main people behind DDOS, reported Tuesday that the organization’s account was permanently suspended from Twitter. Twitter said it had suspended the account for violating “contra distribution of hacked material” rules. “We do not allow the use of our services to distribute directly content obtained through hacking that contains private information, may put people in physical harm or danger, or may contain trade secrets,” Twitter said in an email announcing its decision to suspend the account. Best told Wired they attempted to delete all types of information from the leaked papers, including names of victims of crime, children, private businesses, healthcare firms and veterans organizations, but acknowledged they might have overlooked some items. Twitter often forbids users from posting links to the DDOS website, warning them that the connection has been marked as “potentially dangerous.” When users attempt to access previously posted links, they are told that the connection may lead to a website that phishes personal information, installs malware or breaches Twitter’s terms of service.
— Emma Best 🏳️🌈🏴 (Mx. Yzptlk) (@NatSecGeek) June 23, 2020 The National Fusion Center Association (NFCA), which confirmed the validity of the leaked files, raised concerns that the information could be leveraged by threat actors to target law enforcement organizations and their staff. Ilia Kolochenko, web security company’s founder and CEO ImmuniWeb, who also holds a master’s degree in criminal justice and cybercrime investigations, pointed out that the leak could have serious consequences for many innocent people. “First, it will likely inflict irreparable reputational, financial and even physical harm on suspects and those accused of crimes that were later acquitted in a court of law,” Kolochenko said. “It will also jeopardize legally protected people, like witnesses, who have helped investigators convict dangerous criminals. Disclosure will now literally cause the death of witnesses if their identity is revealed to criminals or their bloodthirsty accomplices. Finally, it will substantially impede the performance of day-to-day law enforcement operations across the country, bolst Some supporters of the work of DDOS claimed that none of the leaked files were classified, while others pointed out that WikiLeaks and other similar entities, despite posting links to information obtained through hacking, did not have their accounts suspended by Twitter.
— Micah Lee (@micahflee) June 24, 2020