Police Contractor That Promised to Track Homeless People Hacked
source link: https://www.vice.com/en/article/xgyjnq/odin-intelligence-hacked
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Police Contractor That Promised to Track Homeless People Hacked
Hackers have stolen more than 15GB of data from ODIN Intelligence, a law enforcement contractor which, among other things, recently had plans to track people experiencing homelessness with facial recognition. The cache includes a bevy of sensitive information, such as photos, reports, and other ODIN customer and internal data.
In one directory called “gallery” are 5,900 files. These include images such as mugshots, people, homes, vehicles, and peoples’ tattoos. Some of the files include identifying information, such as the name of the person in the filename or identity and Social Security cards.
Other files include field interrogation reports, and sex offender registration information. ODIN runs Sex Offender Notification and Registration (SONAR), a system used by local and state police for tracking sex offenders. The dump also included some polygraph reports, including of convicted sex offenders.
One file contains what appears to be user login information. This includes two FBI email addresses.
The data also contains what appears to be internal ODIN test data. One folder of more than 140 audio files contains many recordings of someone testing the app.
Reports generated by ODIN’s app SweepWizard are also included in the data. Law enforcement can use SweepWizard to coordinate the execution of search warrants or raids. Some of these reports contain false names of “organizing officers” such as “Superman” and “Captain America.” It is unclear if these are fabrications or placeholders for test purposes. ODIN’s CEO Erik McCauley is listed as a “commanding officer” in some reports. ODIN did not respond to a request for comment.
Transparency organization Distributed Denial of Secrets obtained the hacked data and shared it with Motherboard.
ODIN offers law enforcement a variety of products. Last year, Motherboard reported on an ODIN brochure for a product called the Homeless Management Information System, or HMIS. “Police use ODIN facial recognition to identify even non-verbal or intoxicated individuals,” the brochure read.
Earlier this month, WIRED reported on a vulnerability in SweepWizard. After receiving a tip, WIRED found that anyone visiting a specific URL was able to view data from the SweepWizard app. WIRED said it found personal information about suspects which could tip off people that they were going to be raided. In response, ODIN removed the app from the Google Play and Apple App Store.
McCauley told WIRED in a statement at the time “ODIN Intelligence Inc. takes security very seriously. We have and are thoroughly investigating these claims.” He added, “Thus far, we have been unable to reproduce the alleged security compromise to any ODIN system. In the event that any evidence of a compromise of ODIN or SweepWizard security has occurred, we will take appropriate action.” Captain Jeffery Bratcher, an LAPD official, told WIRED that the department is taking the issue seriously. “Operational security is always paramount to us. We don’t want people to know when and if we are coming,” he said.
Then on Sunday, TechCrunch reported hackers had defaced ODIN’s website. The hackers claimed to have stolen data from the company too. Distributed Denial of Secrets told TechCrunch it received this data.
“ACAB,” the message read. “All (cyber-) cops are bastards! No nations! No borders! We are all illegal!”
At the time of writing, ODIN’s website is offline.
Subscribe to our cybersecurity podcast, CYBER. Subscribe to our new Twitch channel.
ORIGINAL REPORTING ON EVERYTHING THAT MATTERS IN YOUR INBOX.
By signing up, you agree to the Terms of Use and Privacy Policy & to receive electronic communications from Vice Media Group, which may include marketing promotions, advertisements and sponsored content.
Recommend
-
12
+ digg
-
9
Public Blockchains Are Set to Reshape Global Commerce (2020 Was the Start)Ronald Coase, an economist, came up with the idea that the cost...
-
9
Home Chevron iconIt indicates an expandable section or menu, or sometimes previous / next navigation options.Politics ...
-
6
Hacked home cams used to livestream police raids in swatting attacksPublishedduration1 hour agoimage copyrightGetty Imagesimage captionAmazon's Ring doorbells have been compromised in some swatting...
-
5
News and Trends Jaden Smith Opening a Restaurant Where Homeless People Can Eat for Free The rapp...
-
9
Anonymous Social Media App Yik Yak Exposed Users’ Precise LocationsPrivacy researchers have found that it’s possible to find out the precise location of Yik Yak posts, potentially exposing users to doxing or stalkin...
-
6
US police agencies have been using a low-cost surveillance tool to track people’s phonesMariella Moon·Contrib...
-
6
Police in NYC during a sweep of homeless people. Image: Andrew Lichtenstein / Contributor via Getty ImagesA...
-
7
NYC's Widespread Homeless Sweeps Resulted in 3 People With Permanent Housing: ReportA city audit reveals that sweeps encompassing over 2,000 people have largely failed to transition the unhoused into permanent housi...
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK