German authorities seize 'BlueLeaks' server that hosted data on US cops
German authorities have seized today a web server that hosted BlueLeaks, a website that provided access to internal documents stolen from US police departments.
The server belonged to DDoSecrets (Distributed Denial of Secrets), an activist group that published the files last month, in mid-June.
The server seizure was announced today by investigative journalist Emma Best, one of the DDoSecrets public figureheads.
"We have received official confirmation that #DDoSecrets' primary public download server was seized by German authorities (Department of Public Prosecution Zwickau file number AZ 210 AR 396/20)," Best wrote on Twitter today.
"The server was used ONLY to distribute data to the public. It had no contact with sources and was involved in nothing more than enlightening the public through journalistic publishing," she added.
We don't have the seizure order ATM. Just this: https://t.co/Ju45LlcJHG pic.twitter.com/uUHYElcret
— Emma Best 🏳️🌈🏴 (Mx. Yzptlk) (@NatSecGeek) July 7, 2020
Following today's action, the BlueLeaks portal is now currently down.
The website was active since June 19, when DDoSecrets published more than 269 GB of data containing more than one million files.
DDoSecrets said it received the files from the Anonymous hacker collective. The files included scanned documents, videos, emails, audio files, training materials, private law enforcement alerts, and more, and are believed to contain data from more than 200 US police departments and law enforcement fusion centers.
The BlueLeaks data is believed to have been stolen from a Houston company that provided web hosting services to US law enforcement agencies.
Four days after the BlueLeaks data was published, Twitter intervened and imposed a permanent ban the official DDoSecrets Twitter account, which the organization was using to promote the BlueLeaks portal.
Twitter said the account violated its platform policies regarding the sharing of links to private data and hacked materials. Along with the ban, Twitter also started blocking users from posting links to the BlueLeaks website.
In an interview with Wired, Best admitted that the DDoSecrets team might have missed sanitizing or removing files containing sensitive information.
US authorities said last month they were looking into the BlueLeaks security breach, but they never confirmed an official investigation, as per policy. It is currently unclear if German authorities acted at the request of their US colleagues; however, it is highly likely that they did.
The Zwickau Department of Public Prosecution did not return a request for comment sent after working hours. Best was not immediately available for comment.