An impressive leak due to its volume, and with potentially serious consequences in the United States because of its content. This is how we can summarize the “BlueLeaks”, a set of data and documents weighing nearly 269 gigabytes, published in free access while they come from the inner workings of dozens of police agencies spread all over the territory of the United States.
The data was released on Friday, June 19, the day of the commemoration of the abolition of slavery in the United States. Ceremonies that took place in the very specific context linked to the Black Lives Mater movement and denunciations of police violence against black communities, after the death of George Floyd, in late May.
Collective Distributed Denial of Secrets (DDoSecrets), an organization campaigning for more “transparency”, known for having already published different databases – on the model of WikiLeaks, but with different ideological and editorial choices – chose today to publish the “BlueLeaks”, in a downloadable version, but also available on a search engine. Its access has since been highly random due to the instability of the website.
One million documents
An internal memo from the National Fusion Center Association (NFCA), the institution that represents the centers for sharing judicial information between federal and local agencies in the United States, was consulted by the American journalist Brian Krebs, recognized expert in cybersecurity . This note attests to the authenticity of the “BlueLeaks,” he said in a June 22 article, while indicating that according to the NFCA, published police files contain police documents dating back to August 1996.
All this information is suspected to have been stolen from the servers of the company Netsential
The specialist magazine Wired spoke of the presence of a million documents – text, audio and video – in this dataset, drawn from the archives of nearly two hundred American police agencies working at various levels (local, federal, regional, etc.). All of this information is believed to have been stolen from Netsential’s servers, which host many platforms for exchange between local police and federal agencies.
Five days after the “BlueLeaks” were put online, Netsential, which also claims to count among its clients both large American companies that small businesses and associations, published on the home page of its website a statement confirming that “Its web servers had recently been compromised”.
According to Wired, the piracy at the origin of the “BlueLeaks” has been claimed by a person presenting himself under the pseudonym “Capital A Anonymous”, namesake of the “movement” Anonymous – the famous movement of “hackers” who recognized by the symbol of Guy Fawkes’ mask, but which everyone can claim and whose action is not centralized by a common authority.
Information on police practices
The co-founder of DDoSecrets, known under the name of Emma Best, explained to the magazine Wired than the main purpose of these documents is not to reveal illegal actions of the American police, but to inform the public about what the latter are doing “Did and did lawfully”, through police reports showing his daily functioning.
A member of the ACLU (a major association for the defense of civil liberties), interviewed by a Maine television station, was therefore concerned, after having consulted these data, about the number of information collected by local and federal police authorities on people issuing “Critical” against government policies.
Initial information from the “BlueLeaks” published by the site The Intercept, which focus on files dated May 27 to June 6, 2020, highlight the recent handling of protests against racism in the United States by the police.
In a document from Minnesota law enforcement, it says, for example, that a “Federal partner” warns other agencies of possible attacks by“Antifa” using car bombs, using fake license plates; the FBI, for its part, is concerned about messages posted on Facebook by people, supposedly close to the bikers Hells Angels, seeking to protect their illegal activities while the demonstrations (and the police presence) are becoming more present.
Many personal data
DDoSecrets portal co-founder Emma Best said during her interview with Wired that she and her team spent a week browsing the files ” BlueLeaks ”to purge personally identifiable information, including that of children and victims of crime. It is for this reason that 50 gigabytes of data transmitted to them by Capital A Anonymous has not been made public. Emma Best admits, however, that“Due to the size of the database” and from the date of publication chosen (June 19), the collective “Probably missed things” before publishing this data.
In the “BlueLeaks”, we find a lot of personal data related to the American police personnel.
In all these documents making up the “BlueLeaks”, we find a great deal of personal data linked to members of the American police force, but also to the files in progress concerning other American citizens: addresses, diplomas, declarations, full contact details, photographs … The world For example, has repeatedly identified the names and addresses of people who contacted the police for assistance.
Some observers have pointed out the risks inherent in publishing such data: the disclosure of this type of personal information that could expose affected US citizens to online scams based on their personal information. Above all, the data made public can also present risks for the conduct of ongoing police investigations, documents, and especially the most recent, which may give information to criminal organizations or individuals on investigations concerning them, but also on the methods used in such cases.
Methods that have already been debated
Appeared online in late 2018, the DDoSecret movement stood out a few months later with the publication of “Dark Side of the Kremlin”: a compilation of tens of thousands of emails, as well as internal documents from the Russian government and Separatist groups in eastern Ukraine, which the organization “WikiLeaks” had refused to share on its platform. Emma Best had previously accused the NGO founded by Julian Assange of having sought to destabilize the presidential campaign of Hillary Clinton: DDoSecrets had also published numerous documents against the founder of “WikiLeaks”.
DDoSecrets has acquired a bad reputation by hosting files whose public utility is more than questionable
Then, over the months, DDoSecrets, which has aggregated on its site a lot of pirated data already published on other platforms (such as “MacronLeaks”), has acquired a bad reputation by hosting files whose public utility is more than questionable. This was particularly the case with old data from the hacking of the extramarital dating site Ashley Madison, which had caused in 2015 many blackmail, as well as the suicide of several people, or even those who had been stolen from the site of meets Muslim Match.
Due to media criticism, the group of activists had finally resigned themselves to making this type of data available only to journalists and researchers through its website, provided they made a reasoned request. A method which was not retained for these “BlueLeaks”.
Moderated links on Twitter
The nature of the information contained in this database has, in any case, led to its moderation: four days after sharing the download link for “BlueLeaks”, the DDoSecrets Twitter account has been permanently closed. In addition, hyperlinks to the DDoSecrets site are now blocked by Twitter and are flagged as potentially harmful.
The social network of Jack Dorsey justified its decision by referring to the conditions of use, which stipulate that it “Do not allowe not the use of its services to directly distribute content obtained by hacking “. This while, as several Internet users point out, the “WikiLeaks” account is still very present on Twitter despite publications that could be described as similar.