The U.S. government database provided access to a treasure trove of sensitive data. "I can request information on anyone in the U.S.," one of the alleged hackers wrote:
Two men, one of whom previously presented themselves as an independent security researcher to Motherboard, allegedly went on a wide spanning hacking spree that included breaking into a federal U.S. law enforcement database; using a compromised Bangladeshi police officer's email to fraudulently requesting user data from a social media company; and even trying to buy services from a facial recognition company which doesn't sell products to the wider public.
[...] Sagar Steven Singh, 19, was arrested in Rhode Island on Tuesday; Nicholas Ceraolo, 25, remains at large with his location listed as Queens, New York, a press release from the United States Attorney's Office for the Eastern District of New York says. "Singh and Ceraolo unlawfully used a police officer's stolen password to access a restricted database maintained by a federal law enforcement agency that contains (among other data) detailed, nonpublic records of narcotics and currency seizures, as well as law enforcement intelligence reports," it states.
[...] That pursuit of personal information is what allegedly drew Singh and Ceraolo to breaking into various law enforcement accounts. In one case, the pair allegedly used a police officer's credentials to access a web portal maintained by a U.S. federal law enforcement agency.
Also at Dnyuz.
(Score: 4, Touché) by Snotnose on Friday March 17 2023, @11:22PM (4 children)
that wants to force companies to pay more attention to security?
/ hint: dump Microsoft. Won't happen, but it would be the best bang for the buck.
When the dust settled America realized it was saved by a porn star.
(Score: 5, Touché) by Opportunist on Friday March 17 2023, @11:48PM
And the same that wants to know and store everything about you, exactly that one.
And unlike those companies, they won't be liable for anything. Like Mel Brooks already said in the History of the World, it's great to be the king.
(Score: 2) by MIRV888 on Saturday March 18 2023, @03:10AM
OK your byline is hysterical.
I lol'd
(Score: 3, Informative) by guest reader on Saturday March 18 2023, @06:50AM (1 child)
They used a username and stolen password belonging to a local police officer. Maybe they should start using Multi-factor authentication [wikipedia.org] (includes 2FA).
Original press release source [justice.gov] from U.S. Department of Justice: Two Men Charged for Breaching Federal Law Enforcement Database and Posing as Police Officers to Defraud Social Media Companies.
Complaint-USA against Sagar Steven Singh and Nicholas Ceraolo [flashpoint.io], Case 1:23-mj-00213-MMH
(Score: 2) by aafcac on Saturday March 18 2023, @06:48PM
And maybe we shouldn't be storing so much data in one place