The US Arrest Records Database Compromised by Blackhat Hackers

Earlier attacks that leaked the personal emails and sensitive data of the CIA director John Brennan seems to have a connection to the new US Government hack.

Early clues point to the same Teenage hacker group behind CIA email hack

Indications point to it is the same group of presumed teenage hackers that are behind this new high level sensitive data leakage.

The hacker group had access to Law Enforcement internal systems

The hackers group had full access to the Private Portal with the confidential data.

The group in question Crackas With Attitude (CWA) shows evidence they had full access to the Law Enforcement Portal.

The data being accessed by the hacker group in the hack includes:

  • Sensitive Arrest records
  • Tools to share information about presumed terrorist events and active live shootings
  • Law enforcement personnel data
The system in focus that has been compromised is also known as the Joint Automated Booking System (JABS) which is controlled and only accessible by the Federal Bureau of Investigation (FBI) and other law enforcement agencies.

Hackers had access and control of the FBIs Chat System

The Real time Internal Chat Communication System can allow attackers to gain access to sensitive information.

Not only that the hacker group had access to the JABS system but they also had full access to the chat system which FBI agents use for internal communication with other law agency agents all over the US.

The hacker group CWA published some parts of the data collected to sites such as Cryptobin and Pastebin to prove the validity of the hack compromise.

The data published included email addresses, names, phone numbers of more than 3,500 military and law enforcement personnel. 

The Joint Automated Booking System (JABS) Hacked

A verified screenshot from the JABS system has been compromised as evidence shared by CWA hacking group to be real.
Blackhat Hackers from CWA group told Wired magazine they discovered a vulnerability that gave them full access of the private portal.

This gave them access to large amount of tools, confidential information.

The hackers refused to reveal any information about the found vulnerability.

The system can be abused by attackers since it provides sensitive information such as arrest records, if the arrests are public or non public.

This way they can gain access and expose sensitive secret information such as informants, people who have been detained but works for the Government law enforcement agencies.

This information can potentially be sold to criminal gangs that are subject to infiltration by law enforcement agents.

It is not known if the hacking group plan to release all the obtained secret information to the public or not.