The web site for ODIN Intelligence, an organization that gives expertise and instruments for regulation enforcement and police departments, was defaced on Sunday.
The obvious hack comes days after Wired reported that an app developed by the corporate, SweepWizard, which permits police to handle and coordinate multi-agency raids, had a major safety vulnerability that uncovered private info of police suspects and delicate particulars of upcoming police operations to the open internet.
ODIN gives apps, like SweepWizard and different applied sciences, to regulation enforcement departments. It additionally gives a service referred to as SONAR, or the Intercourse Offender Notification and Registration system, utilized by state and native regulation enforcement to remotely handle registered intercourse offenders. However the firm has additionally been the topic of controversy. Final yr, ODIN was discovered to be advertising and marketing its facial recognition expertise for figuring out homeless folks and describing these capabilities in callous and degrading phrases.
It’s not clear who defaced ODIN’s web site or how the intruders broke in, however a message left behind quoted ODIN founder and chief government Erik McCauley, who largely dismissed Wired’s latest reporting that discovered the SweepWizard app was insecure and spilling knowledge.
“And so, we determined to hack them,” the message left on ODIN’s web site stated.
The textual content of the defacement is ambiguous as as to whether the hackers exfiltrated knowledge from ODIN’s programs or if, because it claims, “all knowledge and backups have been shredded,” suggesting that there could have been an try and erase the corporate’s shops of knowledge. However the defacement word made word of three giant archive information, totaling greater than 16 gigabytes of knowledge, every named in relation to ODIN, the intercourse offenders’ knowledge, and the SweepWizard app, suggesting that the hackers could have a minimum of had entry to the corporate’s knowledge.
The defacement additionally included a set of Amazon Net Companies keys, apparently belonging to ODIN. TechCrunch couldn’t instantly verify that the keys belong to ODIN, however the keys apparently correspond with an occasion on AWS’ GovCloud, which homes extra delicate police and regulation enforcement knowledge.
ODIN chief government Erik McCauley didn’t return emails from TechCrunch with questions concerning the defacement and obvious breach, however ODIN’s defaced web site was pulled offline a short while later.
Leave a Reply