For the second time in less than one month, a Florida sheriff’s department has been hacked. In April, it was the Lake County Sheriff’s Office. This time, it’s the Glade County Sheriff’s Office.
In a statement on the breach, @k0detec writes:
Oh Hai Glade County Florida Sheriff’s Department.
Your security sucks and your usernames and passwords make referance to sodomy.
–>> [email protected] | Summer | Odom | sodomize | sodom <
We would say you guys are not smarter than the average pigs, but possible a little more sexually adventurous?
The data dump includes 10 names with email addresses, plain-text passwords, and usernames. Some of those are the web developer’s accounts or test accounts.
The bulk of the data dump consists of prisoner data. A table containing information on 192 prisoners lists their names, gender, dates of birth, eye color, hair color, height and weight, last known address, and other details concerning their classification. Most of these prisoners are being housed by the sheriff’s office for the Immigration and Customs Enforcement (ICE) while less than a dozen are housed for the U.S. Marshall Service. Only a few are actually prisoners of the sheriff’s office, and one is housed for the Highway Patrol. As the sheriff’s office explains on its web site:
As in many other counties in Florida, budget constraints have caused our office to look to other funding sources outside of ad valorem taxes. We partner with ICE and the US Marshals to house over 450 federal detainees and prisoners for the Federal Government. This benefits the Glades County Sheriff’s Office as well as the residents of Glades County, by allowing us to hire competent, dedicated employees by providing competitive salaries, a new ” State of the Art” jail, and new modern equipment. Even though being one of the smallest Sheriff’s Offices in south Florida, we deliver the same quality of service many of the other larger agencies provide.
The data dump, then, appears to be less than half of the full prisoner database. While much of the inmate data is public record and could be accessed by anyone using the inmate search function on the sheriff’s web site, it’s not clear what else the hackers may have acquired. That said, to date, there is no indication that this hack was as bad as the Lake County hack where a huge amount of non-public information was dumped on the Internet.