In late June, Distributed Denial of Secrets, a WikiLeaks-esqe organization devoted to transparency, published BlueLeaks, a massive compendium of sensitive documents from more than 200 federal, state, and local law enforcement agencies in the U.S. Among other things, the documents included details about surveillance practices and the recent police brutality protests.
BlueLeaks has already led to a number of media reports about the inner workings of police departments. But on Tuesday, DDoSecrets revealed that last week, German authorities seized a server that was hosting BlueLeaks. The U.S. government requested help from Germany to retrieve the server, which prosecutors located in the Bavarian town of Falkenstein. The information still remains available on the Tor network, according to DDoSecrets, which plans to find a new host.
An unidentified hacker who reportedly sympathized with the recent nationwide police brutality protests obtained hundreds of thousands of files as the result of a security breach at the Houston web development company Netsential, which operates portals and information-sharing hubs for law enforcement. The files, which span as far back as 1996, did not reveal any high-level intelligence, but did shed light on police surveillance and bigotry. DDoSecrets redacted information about sexual assault cases and children, but left in the names, phone numbers, and emails of police officers.
Twitter permanently banned DDoSecrets’ account four days after the organization published BlueLeaks, asserting that it had violated the platform’s rules against sharing private and hacked data. Reddit also banned a subreddit dedicated to BlueLeaks under its rules against sharing personal and confidential information. Multiple media outlets, however, ran with the information to publish stories about policing practices. Business Insider, for example, retrieved documents revealing how TikTok provides data to law enforcement. One document that TikTok sent to police in April contained a user’s handle, phone number, phone mode, account registration date, the IP addresses that had accessed the account, and details on the user’s other social media accounts.
The Daily Dot published another article detailing allegations concerning homophobic, sexist, and racist instructors at the Midwest Counterdrug Training Center in Iowa. Leaked surveys from the center’s students contained complaints about how offensive language and sentiments pervaded the courses. A student reviewing a narcoterrorism course from September 2017 wrote, “While the instructor was open about his ‘anti-PC’ beliefs—this is the only time I have ever heard the [N-word] repeatedly used by instructors and students.” In another course from that same year, a respondent claimed that an instructor joked repeatedly about sexual assault and kept calling the only black male in the class “brotha,” even though the student was visibly uncomfortable being addressed this way. The same instructor also allegedly had students in one of his other classes play sex-themed games that had nothing to do with the course material. As one of his students described, “Draw a picture of a pig—the length of its tail represents your sexual drive or imagine yourself by a waterfall—three descriptive words are how you feel about sex.”
The Intercept used BlueLeaks documents to conduct an extensive investigation into how police were monitoring social media and inflating threats of violence during the protests in Minneapolis against George Floyd’s killing. Internal memos detailed how officers with the local police department and sheriff’s office scoured Twitter and Facebook for posts and events related to the protests, even keeping tabs on RSVPs for a church-hosted “Peace and Prayers BBQ” and candlelight vigil. Officers were also apparently able to obtain communications from private Slack and Telegram channels. Other memos predicted violent attacks on police that never came to pass. One warned officers to be on the lookout for protesters carrying balloons or bike locks and wearing masks. Another stated that Antifa would use car bombs against the National Guard and law enforcement, which never ended up happening.
The German prosecutors who seized the BlueLeaks server have said it’s up to the country’s judicial authorities to decide whether to hand it over to the U.S. The FBI, which is investigating the breach and leaks, has yet to comment publicly on the matter.