Twitter bans DDoSecrets account over 'BlueLeaks' police data dump

Twitter said DDoSecrets account leaked and promoted BlueLeaks, a huge collection of files stolen from more than 200 US police departments and fusion training centers.
Written by Catalin Cimpanu, Contributor

A Twitter spokesperson has told ZDNet today that they've permanently suspended the @DDoSecrets Twitter account for violating its policy about the distribution of hacked data after the account shared links to hacked data stolen from US law enforcement agencies.

Prior to the ban, enforced earlier today, the DDoSecrets account belonged to an activist group going by the formal name of Distributed Denial of Secrets.

On Friday, last week, the group published 269 GB of data they claimed to have received from the Anonymous hacker collective.

The data dump, dubbed BlueLeaks, contained millions of documents that were stolen from a Texas company named Netsential that provided web hosting services for various US law enforcement entities.

Subsequent analysis revealed that the BlueLeaks data dump contained files from more than 200 US police departments, fusion centers, and other law enforcement training and support portals.

The huge data trove was considered the biggest hack in the history of US law enforcement, revealing more than ten years worth of sensitive files about how US police trained personnel and conducted operations.

The BlueLeaks files were made available on the DDoSecrets web portal, but they were also announced and heavily promoted via Twitter.

In an interview with Wired, investigative journalist Emma Best, the main DDoSecrets figurehead, said the DDoSecrets group tried to avoid sharing sensitive information. Best said the DDoSecrets team spent a week scrubbing files for "especially sensitive data about crime victims and children, as well as information about unrelated private businesses, health care, and retired veterans' associations."

However, Best conceded that they might have missed certain sensitive information.

Earlier today, Twitter told ZDNet that the BlueLeaks data did indeed contain unredacted information that could have put individuals at risk of real-world harm.

The company said its platform's policy strictly forbids the dissemination of hacked materials of any kind, an offense that the company has enforced numerous times in the past.

As a result, Twitter was forced to suspend the account, following its long-established police enforcement procedures.

The social network came under criticism for its decision to suspend the DDoSecrets account after several users pointed out that Twitter had waited months or even years before enforcing the same policy and banning the accounts of other hacker groups such as Guccifer 2.0, TheDarkOverlord, and others.

Furthermore, other accounts like WikiLeaks and various Anonymous-themed profiles, which have disseminated hacked data in the past, are still up and running to this day.

Despite the Twitter ban, the BlueLeaks data dump remains available via the DDoSecrets website. However, users won't be able to share it anymore on Twitter as the social network has also banned the URL of the BlueLeaks portal, besides banning the DDoSecrets account.

The biggest hacks, data breaches of 2020 (so far)

Editorial standards