In the early hours of Sunday morning, the website for ODIN Intelligence, which provides technology and tools for law enforcement and police departments worldwide, was maliciously defaced.
It is interesting to note that this hack occurred just days after Wired reported that the company had developed an app that allows police to manage and coordinate multi-agency raids and had a significant security vulnerability that exposed sensitive information about future police operations, including the personal information of suspects as well as information regarding the upcoming raids.
There are several apps that ODIN offers to law enforcement departments, including SweepWizard and other technologies. In addition to a service called SONAR, it also provides a service called SOAR, which stands for Sex Offender Notification and Registration and is a system used by state and local law enforcement agencies to manage registered sex offenders remotely. There has also been a lot of controversy surrounding the company. According to recent findings, ODIN has been marketing its facial recognition software to identify homeless people while describing those capabilities as insensitive and demeaning to them.
While it is unclear to what extent ODIN’s website was defaced or how the intruders gained access, a message left behind quoted ODIN founder and chief executive Erik McCauley, who notably dismissed Wired’s recent report about the SweepWizard app being insecure and spilling data on users. “As a result, we decided to hack them,” the message on ODIN’s website explained.
“A defacement message on ODIN Intelligence’s website spelling ACAB, an acronym for “All Cops Are Bastards.” Image Credits: TechCrunch (screenshot).”
It is unclear from the defacement text whether the hackers have been able to exfiltrate data from ODIN’s servers or if they have, as the defacement text specifies, “shredded all the data and backups,”, recommending that the company’s data stores may have been attempted to be erased. In an interview with TechCrunch, Emma Best, co-founder of the transparency collective DDoSecrets, said that the organization had had data that had been exfiltrated from the servers of ODIN. Best said, “The company received the data the other day, and it is being processed.”
The defacement note had three large archive files totaling more than 16 gigabytes of data. The image below shows that each file is named according to ODIN’s organization, the sex offender’s data, and the SweepWizard app. As well as this, the hackers left behind hashes, a string of letters and numbers used to identify each file, thereby serving as a signature. It was confirmed by Best that the files that DDoSecrets received matched exactly with the hashes given in the defacement post.