The website of ODIN Intelligence, a company that provides technology and tools to law enforcement and police forces, was blacked out on Sunday.
The apparent hack comes days after Wired reported that an app developed by the company, SweepWizard, which allows police to manage and coordinate multi-agency raids, had a significant security breach that exposed personal information of police suspects and sensitive details of upcoming police operations to the open web. .
ODIN provides apps, such as SweepWizard and other technologies, to law enforcement departments. It also offers a service called SONAR, or the Sex Offender Reporting and Record System, which is used by state and local law enforcement to remotely manage registered sex offenders. But the company has also been the subject of controversy. Last year, ODIN appeared to be marketing its facial recognition technology for identifying homeless people and describing those abilities in callous and demeaning terms.
It’s not clear who breached ODIN’s website or how the intruders broke into it, but one message left is quoted as ODIN founder and CEO Erik McCauley, who largely dismissed Wired’s recent reporting that the SweepWizard app was insecure. laundry and spilled data.
“And so we decided to hack them,” reads the post on ODIN’s website.
A defacement message on ODIN Intelligence’s website spelled ACAB, an acronym for “All Cops Are Bastards”. Image Credits: TBEN (screenshot)
The text of the defacement is unclear as to whether the hackers exfiltrated data from ODIN’s systems or if, as it claims, “all data and backups have been shredded”, suggesting that there may have been an attempt to delete company data storage. But the defacement note mentioned three large archive files, totaling more than 16 gigabytes of data, each named in relation to ODIN, the sex offenders’ data, and the SweepWizard app, suggesting that the hackers may have at least accessed to company data.
The defacement also included a set of Amazon Web Services keys, apparently from ODIN. TBEN couldn’t immediately confirm that the keys belong to ODIN, but the keys apparently correspond to an instance on AWS’ GovCloud, which contains more sensitive police and law enforcement data.
ODIN CEO Erik McCauley did not return TBEN emails asking about the defacement and the apparent breach, but ODIN’s defaced website was taken offline a short time later.
