A hacker, only identified by the moniker “Berkut,” made easy work of breaching the database of popular police forum PoliceOne to steal the login credentials and other sensitive information from approximately 715,000 user accounts.
Dated 2015, the hacker is suspected to be working with a few other data brokers, seeing that the stolen 2015 PoliceOne data is now available for purchase on the dark web.
The PoliceOne website is an open forum for specialists from different law enforcement agencies across the United States.
Among the topics that are commonly discussed on the forum include weapons, tactics, and other pertinent security issues.
The stolen information is of a highly sensitive nature, seeing that it contains private emails from officers of the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and many more law enforcement agencies in the United States.
Anyone looking to get their hands on the stolen police forum data would be looking to part with $400.
PoliceOne Confirms Database Breach, Is Yet to Issue a Warning to Other Users
The site administrators of the PoliceOne forum later confirmed the allegations of the hacking, notifying its users that there has been a database breach by unknown dark web hackers.
However, according to the spokesperson, the magnitude of the breach and the type of data that was stolen is yet to be determined.
The spokesperson further divulged that it would be hard to verify anything based on the covert nature of the hacking.
Investigations into the matter are still ongoing.
Dark Web Data Brokers Capitalized on PoliceOne’s Weak Link
Despite being a site frequented by top-notch law enforcement agencies, the PoliceOne forum was a bit too easy to hack into given that the user passwords were encrypted by the MD5 protocol.
Famous for having several vulnerabilities, the MD5 protocol is one dark web hackers have successfully exploited time and time again.
A glance at the site’s Google cache reveals that it currently runs on vBulletin 4.2.3. Berkut specifically manipulated a vBulletin exploit to gain access to the site, which went down shortly at the time of the attack.
According to a report, however, the site has been up and running shortly after the dark web hackers stole the vital user data.
Although the passwords had been hashed by the dated MD5 algorithm, the dark web hackers found that most of them also contained the hash-reinforcing salts—a random combination of characters.
No Credit Card Information is Available on the Forum
One of the upsides of the data breach is that none of the data being sold on the dark web contains any credit card information.
According to the PoliceOne spokesperson, the data that is up for sale on the dark web will only contain limited user data with no payment information.
However, it is hard to remain optimistic that the data being sold on the dark web will not have some less-than-pleasant implications.
Case in point: one file has been reported to have contained 3,000 user account credentials belonging to officials from the Department of Homeland Security.
The PoliceOne spokesperson announced that they will be taking serious action against the hackers and any other dark web criminals linked to the incident.
Users that could also be potentially affected by the hacking will be notified to change or reinforce their passwords.