Thousands affected after Anonymous hacks police union website

6:52 PM, Jan 1, 2012   |    comments
  • Share
  • Print
  • - A A A +

SACRAMENTO, CA - International hacker group Anonymous claims responsibility for hacking and releasing information about members of the California Statewide Law Enforcement Association union.

Anonymous tweeted on Sunday around 8:20 a.m., "In case you missed it: CA Statewide Law Enforcement Agency (http://cslea.com) pwnt by #AntiSec."

Anonymous released the names, addresses and phone numbers of members; plus, credit card information taken from the association's online gift store was posted. The information dump was called "pr0j3ct m4hy3m".

RELATED STORY: Hacktivist Anonymous turns online hacking into vigilantism

"California police have a notorious history of brutality and therefore have been on our hit list for a good minute now," Anonymous posted on a forum, where they released the information.

The group claims to have gained access to information of more than 2,500 members of the CSLEA.

Anonymous cited the death of Oscar Grant, police interaction with the Occupy movement, the prison death of George Jackson and conditions in California prisons and jails as evidence of police cruelty.

"We knew they did hack our website in November and pulled out various emails and information they could get," CSLEA President Alan Barcelona said. "And so we knew they were going to be posting things. As far as I'm concerned, the people at Anonymous are criminal terrorists."

UC Davis Computer Science Prof. Matt Bishop said there is no such thing as a perfectly secure website.

"Anything could be compromised, the question is just how hard" Bishop said. "In this case, it didn't seem very hard."

CSLEA sent a letter to members whose credit card information was taken on Nov. 10 about the security breach. It is unclear how many people's credit card information was posted.

"It's huge shock, especially since it's deemed a union that represents law enforcement and public safety," a CLSEA member said.

"I think it's terrible," said the spouse of a former fraud investigator. "Our (law enforcement) agency is there to protect us."

RELATED STORY: Police group members react to Anonymous hacking

The letter, sent by CSLEA Chief Counsel/General Manager Kasey Clark, said:

"CSLEA was advised by the Federal Bureau of Investigation Cyber Crime Unit that it had intercepted chat from a group known as Anonymous that was claiming it had successfully hacked into the CSLEA website and obtained confidential information maintained on the site."

In the letter, Clark said many of the credit cards that were compromised had expired.

READ MORE: CSLEA letter to members after website hack

However, a Department of Consumer Affairs employee Wesley Roddey said he was not informed about the hack.

Sworn peace officer Victor Sanchez learned about the security breach Sunday evening after getting phone calls from other CSLEA members.

"What we'd like to know is who did they notify, why everyone wasn't notified and when that notification is going to be done," Sanchez said.

Sanchez said all fee-paying CSLEA members should have been contacted, not just the people whose credit card information was compromised.

RELATED STORY: Peace Officers Union pushes for legislative probe into Anonymous hack

"It's important for me to know that that's happened so that I can change my security on my computer so I don't get hacked because they already have the information on where to find me," Sanchez said.

CSLEA INTERNAL EMAILS

Anonymous also posted email correspondence between CSLEA members about checking the website's security and when a breach was noticed.

On Aug. 18, after Anonymous hacked and posted information about BART officers, California Association of Fraud Investigator president Debbi Misquez sent an email questioning CSLEA's security:

"I received info on this very subject from one of the Political Advisors that CSLEA uses so I'm sure CSLEA is aware of these cyber attacks of hackings and are taking preventative measures to secure our data."

In reply CSLEA Computer and Networks Systems Technician Ken Fair forwarded an email he sent to CSLEA Chief Counsel/General Manager Kasey Clark in April, which said:

"Back around 2006 Alan [Alan Barcelona CSLEA President] and I had a conversation about our member information in relation to the new member interactive website that was being created. My advice (which Alan agreed) was to forever keep our member information completely separate from anything we do on the web. The way we have set our electronic organization up is to prevent something like this from ever happening. It would make verifying and keeping member information up to date a lot easier to have our member database connected to our website and/or our email newsletter database, but due just this kind of problem we've kept our member's sensitive information completely separate.

The only information connected to CSLEA.com is a name and email address (which we manually verify). No membership information or even mailing address. When a member updates their mailing address online it is not kept in a database, but instantly sent to Johnell."

At the end of the email Fair wrote, "If we are being attacked, we can literally unplug from the internet to stop the attack."

In early November, Clark emailed Fair about looking into a possible security breach. Fair replied:

"I've contacted our website hosting service to take a look and see if there is any suspicious activity. They will email me if they find anything but they said they already have alerts setup monitoring our website and it hasn't alerted them so we'll see.
I haven't been able to find any signs of intrusion on our server, though I do see signs of higher than usual scans of our firewall.

There seems to be a number of ip addresses coming from Taiwan, Russia, East Asia and such scanning our firewall on port 445 to try and get in. This used to happen once a day when I last checked our firewall a couple of months ago, now it's happening multiple times a day. I've looked up the activity on security websites and it seems to be a common occurrence. The activity of firewall scans coming out of China and Russia has increased dramatically in the past year, but it's just automated scans not actually intrusion attempts, so I'm not too worried . . .

As far as I'm can tell this whole thing is bogus, But I'll keep looking on Monday to see if I can find any kind of evidence of intrusion."

Later that day the CSLEA hosting company STLi Director Billy Wedlock emailed Fair:

"It does seem that someone accessed our server through the CSLEA admin and uploaded files that may give them access to the server.

Tommy's looking into the details.

We haven't had a similar security breach that I can remember.

I will send you a copy of the files uploaded and the log showing the IP address of access."

NEXT FOR ANONYMOUS

At the end of the posted information, Anonymous said their next target is New York Police Chiefs.

"For our next owning we bring you multiple law enforcement targets in the state of New York, who has been on our crosshairs for some time due to their brutal repression of Occupy Wall Street," Anonymous said.

The group plans to release passwords and residential addresses for over 300 police chiefs in the state of New York. Anonymous also said they will release emails discussing police methods to combat protesters.

News10/KXTV

Most Watched Videos