PoliceOne confirms hack; thousands of forum accounts for sale on the dark web
A data broker is selling hundreds of thousands of accounts used by police and federal agents from a hacked law enforcement forum.
The database is said to have been stolen in 2015, and contains 715,000 records on members who have registered with PoliceOne.com, a news site and community for police officers and law enforcement professionals.
Alex Ford, chief executive of Praetorian Digital, owner of PoliceOne.com, confirmed the breach in a phone call Tuesday.
Ford said that the company will be notifying affected users and requiring them to change passwords.
According to a posting on a dark web marketplace, the stolen data includes usernames, passwords hashed with MD5 (an algorithm that nowadays is easy to crack), email addresses, dates of birth, and other forum data, such as whether a member is a verified law enforcement officer.
Many of the forums are private and can only be accessed by members, or in some cases verified law enforcement officials who have submitted their badge numbers or other identifying information, but that verification information does not appear to be part of the leaked database.
The data is being sold for $400, according to the listing, which we are not linking to.
The seller of the data, who went by the name Berkut, reached out to me over encrypted chat and provided a sample of data for verification.
Many of the accounts in the database included email addresses associated with the FBI and Homeland Security.
Berkut said the SQL database was dumped by using a known exploit for the forum software.
At the time of writing, the forums are powered by vBulletin software dating back to 2014, which contains several easily exploitable vulnerabilities that are known to hackers.
The forums were pulled offline late on Friday after we informed the site of the breach.