A hack of the Salt Lake City Police Department this week has raised concerns after hackers claimed to have acquired information that might jeopardize the identities of confidential informants and operations.
On Tuesday, the hackers, known as @CabinCr3w and @ItsKahuna on Twitter, dumped some data on PasteBin and PasteBaythat included 1,073 names, usernames, e-mail addresses, MD5 passwords, job titles or position, and phone numbers.
In a statement posted with the data dump, the hackers write that they are responding to proposed legislation to deal with graffiti:
Dear Salt Lake City Police Department,
We took note http://fur.ly/0/MaynePlot that Senator Karen Mayne has put forth a bill SB107 – http://fur.ly/0/MaynePlotBill that tries to resolve an inconvenience with a flamethrower. Regardless whether the messages spray painted are disturbing, this bill sets an attitude that will down the line lead to invasions of privacy in people’s homes and raids at 6 am over spray paint. We know that law enforcement functions as a mindless machine led by InfraGard, PERF, and other domestic civil intelligence (so marches the security state) networks. We know there’s money to be made in the “just doing my job” compartmentalized economy. Therefore we know that regardless of the intent of Karen Mayne’s haphazard lawmaking, this will end in corporations selling miniature drones to police offers chasing 13 year olds. We will act now as we have seen other “well-meaning” legislation open the door to tyranny and financing of oppression. There is no denying where this will end in 3 to 5 years or perhaps sooner.
Has your Senator Karen Mayne watched Minority Report too many times? A law prohibiting ownership and use of purchased products based on suspected intent? Is she kidding? The purpose of the law is not to prevent crime, but to manage it. The public gets the benefit of the doubt. A little too zealous wethinks. Perhaps a little pre-emptive action will drive the point home. As the foot soldiers for this bill, you get a taste of Mayne’s witch hunt mentality. There are plenty of means to prosecute defacement of both private and public property in a general way. There’s also the fact that some of this behavior may fall under civil rather criminal context.
A felony has a serious effect on a person’s liberties after serving sentences, including loss of second amendment rights. And is this really the way to handle it? Perhaps Karen Mayne should be looking into why your neighborhoods are drawing this kind of behavior? Not acknowledging grievances and social issues such as poverty can lead to communities forming their own identities separate from their leaders. If all the senator has to offer is a policy that will lead to a self-righteous escalation of enforcement, consider this our deterrent.
The police department removed the site after word of the hack was announced on Twitter Tuesday. As of this morning, a message on the homepage says, “We are working on replacing content for the website. Please check back.” A statement posted on the SLCPD blog Tuesday says:
The Salt Lake City Police Department’s website, www.slcpd.com, has been taken offline due to a security breach.
At approximately 2:30 p.m. this afternoon, odd postings started to appear on www.slcpd.com. According to claims posted on Twitter, the hacking collective Anonymous claims it launched the attack in response to an anti-graffiti paraphernalia bill being proffered by a state senator who neither represents nor resides in the city.
While the hackers obtained email information of registered users, there is no indication that confidential information was compromised. The website was built as a standalone communication feature to increase dialogue about public safety issues in a proactive manner. For this reason it was not integrated with Department or City databases.
While this cyber-vandalism in no way impacts the core functions of the agency, it certainly inconveniences those citizens who work in partnership with the Police Department to make the city a safer place to live, work and visit.
The hackers promptly denied claims that no confidential information was compromised. In a series of tweets and responses to reporters’ questions, @ItsKahuna taunted the police department but reiterated that he would not be publicly revealing certain sensitive information:
SLCPD. Shut Down The Website, But Its Too Late For Damage Control. I Have Your Crime Tip Police Reports. Will Keep Them Safe For You
— Kahuna (@ItsKahuna) January 31, 2012
@ktvx I will not be releasing the anonymous tips and other confidential data from the site. Not out to endanger innocent people
— Kahuna (@ItsKahuna) February 2, 2012
@ktvx Anonymous Tips, Job Apps, Confidential Informant Info, NarcoticsRing Operation Information. Im the only one with a copy so its safe
— Kahuna (@ItsKahuna) February 2, 2012
The department subsequently acknowledged that the breach was more extensive than they originally stated. The Salt Lake Tribune reported:
“We have learned that citizen complaints regarding drug crimes in the community were also accessed. These forms included phone numbers, addresses, email addresses, other personal information, and details about suspicious activity from a variety of sources,” a news release stated.
While that statement appears to conform more to the hackers’ claims, Kahuna claims that the department is still underplaying the seriousness of the content:
@PogoWasRight They downplay the seriousness of the content of the files, but they acknowledge they were taken. All the files we took were…
— Kahuna (@ItsKahuna) February 2, 2012
@PogoWasRight located in a directory accessible from the admin panel of the site
— Kahuna (@ItsKahuna) February 2, 2012
Update: In a follow-up tweet to this blogger, @ItsKahuna states that the downloaded files show “drug operations, sales suppliers and names of people reporting. Licence plate numbers, locations etc.”