Hackers Claimed to Breach a Police Vendor, Spilling Data Trove

tech.hindustantimes.com:

ODIN Intelligence markets software to law enforcement agencies, but its operations are opaque. Its official address is a mailbox inside a UPS store. LinkedIn lists about a dozen employees, and ODIN's website contains only one sentence: “We help communities link homeless with resources; help protect citizens from child predators, and assist in locating missing persons.”

Last week, the company published a notice saying that a hacking group claimed to have broken into its networks and stole gigabytes of data. About the same time, hackers provided a trove of documents — purportedly from ODIN Intelligence — to the Distributed Denial of Secrets, a pro-transparency group.

A Bloomberg review of the leaked dataset offers what appears to be a fuller picture of the small firm's products and customers, as well as a glimpse into operations by the police agencies that use its products.

More than 150 local, state and federal agencies had ODIN user accounts, according to the database, which also contains thousands of records detailing police sweeps, notes about operational “targets” and users' credentials. For instance, the database includes details of a multiagency child pornography sting in California that logged dozens of suspects with their names, addresses and dates of birth.

The attack on ODIN — its website defaced in the same hack with the slogan “ACAB,” short for “All Cops Are B****rds” — brings renewed attention to the growing constellation of private firms that help law enforcement agencies do their jobs, selling everything from analytical software to drones and other surveillance equipment. “Unlike public officials, private actors are not democratically accountable to the public,” wrote Farhang Heydari, executive director of the