In case you missed our coverage this week in ThreatWatch, Nextgov’s regularly updated index of cyber breaches:
Days after the killing of a black man by Baton Rouge officers prompted global outrage, an individual posted online 50,000 poached city police records.
The cache, which was confirmed as legitimate, contained names, addresses, emails and phone numbers.
The administrators of the website apparently had failed to implement proper security measures.
The “breach”—for lack of a better term—appears to have been a case of unauthorized access using discovered login credentials rather than any kind of technical attack.
A hacker named @0x2Taylor claimed responsibility for accessing the database, but it is unclear whether @0x2Taylor obtained the data or was given it by a third party and took credit.
“The website had its permissions set wrong and shouldn’t have been left open for the public to see this data,” explained Jamie-Luke Woodruff, a security intelligence analyst who works at Patch Penguin, a British cybersecurity firm. “They seem to have obtained credentials to the Oracle server in which they extracted the database information. But they didn’t set out to get the data that they obtained it was just random that the credentials was found.”
Eric Romero, who runs information services for Baton Rouge, said he heard “rumors of a breach” but was unable to confirm it had occurred.
Baton Rouge police officers shot Alton Sterling, 37, after a confrontation in front of a convenience store in response to reports of an armed man.
Multiple cellphone videos of the shooting, captured by bystanders and released online, call into question some police claims that Sterling, who faced multiple criminal prosecutions in the past, was holding a gun when he was shot.
When @0x2Taylor first announced the hack, he accompanied the tweet with three hashtags suggesting the motivation behind the leak: #AltonSterling, …