[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ISN] German Federal Police servers compromised


The H-Security
8 July 2011

A group calling itself NN-Crew says it has broken into a server used by Germany's Federal Police and stolen a large amount of data used to GPS-track suspects under surveillance. The police apparently used the hacked server as a data pool and server to download GPS tracking software; it also contained instructions for installation and operation of that software. Criminal investigators require authentication for server access. The surveillance data published by NN-Crew included several usernames and passwords along with telephone numbers, license plate numbers, locations, and coordinates. Numerous internal documents used by the authorities were also stored on the server.

A spokesperson for the German Federal Police said that an "analysis conducted by our executive committee revealed that no investigation data used by the Federal Police (or by the Federal Criminal Police Office) was published. As far as we can tell at the moment, the data published came from a server used by customs officials, which apparently also contained information from the Federal Police on the use of the PATRAS tracking system for distribution among customs officials." The spokesperson also said that the server of the PATRAS geo-data system has been temporarily switched off for security reasons and that all users have been informed.

The spokesperson added that the Federal Police are currently working with customs officials to check whether the data contained any critical information. The National Cyber Defence Centre at Germany's Federal Office for Information Security will also be looking into the matter. The event is especially embarrassing for customs officials, who are probably at fault, because they themselves are (associated) members of the Cyber Defence Centre.


Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.