Lulzlover Hacked Coalition of Law Enforcement, Data Dumped for 2,400 cops and feds

In support of OWS, an AntiSec hacker chose to lock and load on C.L.E.A.R. (Coalition of Law Enforcement and Retail), hack the website, and dump the entire member database. Passwords, phone numbers, email and home addresses, and other digital dirt was posted for over 2,400 law enforcement, feds, military, loss prevention professionals, and big corporations like Microsoft.

There's been no shortage of OWS video footage and some of the outrageous stunts the cops have pulled, but it caused another Anonymous hacker to lock and load on the police. From a land of cracked hashes, located somewhere over the rainbow tables, comes an AntiSec dump of the "entire member database" from  C.L.E.A.R. Coalition of Law Enforcement and Retail. The hacker, Exphin1ty, claimed to be a part of Anonymous and AntiSec when addressing "lulzlovers around the world" on Pastebin. The leak contains personal data for over 2,400 law enforcement, federal agents, loss prevention professionals, and big corporations like Microsoft. While this would seem painfully obvious, @exphin1ty pointed out, "Governments of the world, '123456' is never a secure pass phrase, even when hashed. Sigh. #antisec."

"The American law enforcement's inhumane treatments of occupiers has caught our attention. You have shown through these actions that you are nothing more than puppets in the hands of your government. We have seen our fellow brothers & sisters being teargassed for exercising their fundamental liberal rights, the exact ones that were bestowed upon them by their Constitution," Exphin1ty wrote in Pastebin announcing the dump. Here's the rest of his statement:

"This fun little database dump includes hashed passwords, physical and email addresses, phone numbers etc. of many military, law enforcement officers, large corporations such as Microsoft, federal agents & security companies. Many of the users reuse their passwords elsewhere, so we encourage all of our lulz loving friends to deface & leak their twitters, facebooks and private email accounts as well as spreading their d0xes far and wide across the internet ocean. The website requires new members to be approved by an administrator, meaning the validity of this information is relatively high."

This was followed by a "Formal apology; It was not my intent to release a dox on goodwill employees, however, collateral damage is unavoidable in the cyberworld," tweeted @exphin1ty.

Help Net Security reported, "The attack resulted in the temporary suspension of the website and the publication of names, addresses, email addresses and phone numbers of over 2,400 law enforcement officers and retail loss prevention professionals, as well as their job titles, the names of the agencies and businesses they work for and the passwords (in hashed form) for their accounts on the site."

The Hacker News reported the database was hacked using yet another SQL injection. At the end of October, the hacker group Team Poison posted a list of all the hackable police websites. Then there was another Anonymous leak of thousands of private emails from a retired cybercrime investigator in "payback" for Occupy Wall Street crackdowns. This was followed by two hacktivist groups, Anonymous and TeaM p0isoN, joining forces to make "banks pay for their crimes and corruption" in Operation Robin Hood. It's doubtful this is the last AntiSec/Anonymous payback attack in the cyber realm for the harsh treatment to OWS protesters.

Like this? Here's more posts:

Follow me on Twitter @PrivacyFanatic

Copyright © 2011 IDG Communications, Inc.

7 hot cybersecurity trends (and 2 going cold)