Why is it important: The company, which provides tech solutions for law enforcement, has reportedly been hit by a hack that could compromise ongoing police operations and undercover personnel. It is not clear if the criminals under investigation got access to this information, but the fact that cybercriminals have it and could potentially sell it is alarming.
January 11 Wired reported that a company called ODIN Intelligence (OI) was involved in a data breach that could reveal the addresses and names of thousands of suspected criminals. He also revealed the phone numbers, email addresses and identities of hundreds of officers involved in about 200 law enforcement operations, including investigations, sting operations and undercover policing.
It was not clear who was behind the data breach, and OI neither confirmed nor denied that its systems had been attacked.
ODIN Intelligence Inc. takes safety very seriously,” CEO Eric McCauley said in a template statement. “We have and we are thoroughly investigating these claims. So far, we have not been able to reproduce the alleged security breach of any ODIN system. If we find any evidence of a breach of ODIN or SweepWizard security, we will take appropriate action. .”
The company’s two popular law enforcement applications are SweepWizard and SONAR. SweepWizard is an application used to organize raids across multiple agencies. SONAR is a sex offender notification and registration system.
Less than a week after the alleged hack, an unknown group of attackers hacked into the ODIN Intelligence website and defaced the homepage with a message that 16GB of SweepWizard and SONAR data had been stolen. He said he also received several Amazon Web Services keys. As evidence, he published hashes to verify the stolen files.
The seriousness of the violation is clear. Not only was sensitive information exposed, the leak potentially compromised undercover ongoing police operations and revealed the identities of undercover officers. The implications are not just the possibility of identity theft; life may be at stake.
Member of the Europol Data Protection Expert Network Ilya Kolochenko, claims that it could become the most dangerous data breach in 2023 because of the sensitive and classified information it contains.
“If law enforcement intelligence data falls into the hands of organized crime, it could lead to tragic consequences for police officers and undercover agents,” Kolochenko told Tech Report via email. “And that’s not to mention the fact that years of complex and resource-intensive police investigations can be wasted, and the perpetrators will eventually go unpunished …”
Kolochenko recommends that all agencies using ODIN applications evaluate the cost of data that may have been stolen and take appropriate steps to minimize the damage.
“All law enforcement agencies that may have been affected by the breach should urgently check what their data may have been stolen in order to understand and respond to a wide range of possible consequences, as well as quickly notify interested third parties,” Kolochenko said.