Hacker defaces website of firm supplying apps to police, may have stolen data
Monday, January 16, 2023
A group is claiming it has received stolen data, allegedly from an American firm that supplies a facial recognition application to police whose website was defaced on the weekend.
According to Ilia Kolochenko, founder of ImmuniWeb and a member of Europol Data Protection Experts Network, third-party vendors and suppliers “are the Achilles’ heel of law enforcement agencies.” Generally, a website defacement is a low-risk security incident, mostly carrying out reputational consequences, he said in an email. But, he added, “in this case, there are various indicators that the website defacement may be just the tip of the iceberg of a major data breach. If confirmed, the alleged intrusion may be one of the most harmful data breaches of 2023, given the highly confidential and classified nature of the information that could have been compromised by the attackers.
“If law enforcement intelligence data ends up in the hands of organized crime, it may lead to tragic consequences for police officers and undercover agents. This is not to mention that years of complex and resource-consuming police investigations may be wasted and criminals eventually go unpunished … All law enforcement agencies that the breach could have impacted should urgently audit what kind of their data could have been stolen to understand and respond to the broad spectrum of possible implications, as well as rapidly notify concerned third parties.” Read Full Article