Hackers Expose 93GB of Anonymous Crime Tip Data
▼ Summary
– P3 Global Intel markets its software as a secure, anonymous tip management system for crime prevention agencies worldwide.
– Hackers known as the “Internet Yiff Machine” recently stole and leaked 93GB of sensitive data from P3’s system.
– The leaked data contains highly personal information about accused individuals, including Social Security numbers and criminal histories.
– The data archive is being made available to journalists and researchers but is not being released to the general public.
– The P3 tip submission interface is a basic web form with numerous text fields for detailing specific criminal activities.
A company promoting itself as the new standard for secure tip management in law enforcement has suffered a significant data breach. P3 Global Intel, whose software is used by Crime Stoppers programs and government agencies worldwide to collect and manage anonymous crime tips, had approximately 93 gigabytes of sensitive data stolen and leaked. The breach, claimed by a hacker group calling itself the “Internet Yiff Machine,” exposes a profound failure in a system built on a promise of absolute confidentiality for informants.
The leaked data, which was provided to the news outlet Straight Arrow News and the Distributed Denial of Secrets (DDoS) archive, contains highly sensitive information. According to reports, the archive includes extensive personal details on individuals named by tipsters, such as full names, home addresses, dates of birth, phone numbers, email addresses, Social Security numbers, license plate data, and even criminal histories. Perhaps most alarmingly, the data also includes replies from investigators, potentially exposing ongoing law enforcement communications and strategies.
Given the extreme sensitivity of the material, which could endanger the lives of tipsters and compromise active investigations, DDoS has stated it will not release the data publicly. Instead, it plans to make it available only to vetted journalists and researchers. This incident starkly contradicts P3’s public assurances that user anonymity is “protected at all times.” The nature of the tips processed by such platforms, which can involve reports on violent crime, gang activity, and drug trafficking, makes this breach particularly severe.
The breach raises serious questions about the security protocols of a platform entrusted with life-or-death information. An examination of P3’s web interface reveals a relatively basic form with numerous text fields for detailing allegations, including specific sections for reporting gang activity, weapon locations, and drug sales methods. This apparent lack of sophisticated front-end design calls into question the robustness of the backend security that was meant to shield this critical data from unauthorized access.
(Source: Ars Technica)