software criminals deface odin intelligence website
Software

Criminals Gain Access to Classified Police Documents

Criminals Gain Access to Classified Police Documents

Reports claim that a company that provides tech tools and services for the police has been the victim of cybercrime.

The company, ODIN Intelligence, provides an app called SweepWizard, which helps police organize multi-agency raids, and a service named the Sex Offender Notification and Registration (SONAR) system.

On 11 January, Wired reported that an ODIN Intelligence data leak may have exposed the names and locations of 5,770 suspects, plus the phone numbers, email addresses, and names of hundreds of officers and the details of approximately 200 operations.

It isn’t known which organization was behind the alleged attack or how they conducted the attack. In response to the claims, ODIN Intelligence CEO Erik McCauley said,

ODIN Intelligence Inc. takes security very seriously. We have and are thoroughly investigating these claims. Thus far, we have been unable to reproduce the alleged security compromise to any ODIN system. In the event that any evidence of a compromise of ODIN or SweepWizard security has occurred, we will take appropriate action.

Police Data Likely Leaked

A few days later, on Sunday 15, hackers gained access to the website for ODIN Intelligence and defaced the homepage, leaving a message that showed they had obtained over 16GB of data related to SweepWizard and SONAR along with a set of Amazon Web Services keys.

The hackers also provided hashes to verify the files. Emma Best, co-founder of DDoSecrets, a non-profit organization dedicated to enabling the free transmission of data in the public interest, said,

We received the data the other day and are processing it.

ODIN Intelligence has been in hot water in the past for its services. However, this time, the allegations are a lot more serious.

Last year, when marketing their facial recognition app that helps identify homeless people, ODIN Intelligence inhumanly listed problems with homelessness as devaluing property and degrading culture.

Ilia Kolochenko, a member of the Europol Data Protection Experts Network, says that third-party suppliers to law enforcement are an Achilles heel.

He argues that although defacing a website isn’t a highly serious incident, the indications are that this may be part of a major data breach — one that could be among the most harmful in 2023 because of the highly confidential and classified information that could be in the data leak.

Kolochenko wrote in an email,

If law enforcement intelligence data ends up in the hands of organized crime, it may lead to tragic consequences for police officers and undercover agents. This is not to mention that years of complex and resource-consuming police investigations may be wasted, and criminals eventually go unpunished …

The email further went on to say,

All law enforcement agencies that the breach could have impacted should urgently audit what kind of their data could have been stolen to understand and respond to the broad spectrum of possible implications, as well as rapidly notify concerned third parties.

It’s not shocking that law enforcement could be the target of cybercrime, but it’s alarming that criminals could have gained access to such highly confidential material.

James Capell

Technical editor and journalist. I have a particularly strong interest in NLP, AI ethics and cyber crime. Not too fond of cats.