The Daily Telegraph reported this week that hackers had broken into dozens of US police department computer systems, releasing vast amounts of information including reports of crimes submitted by the public.
The attack was carried out by members of the hacking groups Lulzsec and Anonymous. They posted a 7 GB file containing details of 77 officers including credit card details, social security numbers and other private data. The incident was apparently in response to the recent arrests of Lulzsec and Anonymous members in the UK and US.
One file published online, entitled ‘Snitch crime tip report’ allegedly included details of tip-offs about local incidents from members of the public, some whose names and addresses were included.
In a disturbing statement attached to the leaked data, Anonymous said: “We have no sympathy for any of the officers or informants who may be endangered by the release of their personal information.”
2011 has seen a dramatic increase in the amount of hacking on high profile organisations, government departments and institutions. It is an issue that won’t go away, and it must be a concern for all organisations at board level. My advice: If you haven’t conducted a penetration test recently, you probably should. James S Tiller’s The Ethical Hacker: A framework For Business Value Penetration Testing is a great place to start.