
Massive criminal records leak

A group of cybercriminals leaked a database containing criminal records of 70 million Americans, according to cybersecurity company Malwarebytes. 

The leak contained people’s full names, dates of birth, known aliases, postal addresses, dates of arrest, dates of conviction, sentences and more. 

This is bad news for anyone who has been convicted in the past.

What happened: Detailed analysis of the incident

Malwarebytes posted the news of this data leak on its blog. The wording suggests the company didn’t have direct access to the leaked database. Still, the post revealed plenty of information about the incident and the threat actors behind the attack.

The hacking groups EquationCorp and USDoD are reportedly responsible for a major data breach involving the criminal record database. The breach resulted in the online leak of the database, which contains 70 million entries. It includes the full names, dates of birth, known aliases, addresses, arrest and conviction dates, sentences and other information of millions of Americans who had encounters with the U.S. justice system between 2020 and 2024.

We contacted Malwarebytes and spoke with Pieter Arntz, a security researcher at the company, who informed us that they were able to obtain a small sample of the criminal records, which are specific to individual incidents. Each entry represents either an arrest or a case rather than a comprehensive compilation of all crimes committed by a single person. In other words, these records provide a snapshot of discrete legal events rather than a comprehensive overview of an individual’s criminal history. 

The exact source of this database is unknown. However, the hacker group USDoD, a major player in the field, is closely linked to "Pompompurin," the operator of the original data leak site BreachForums. According to Malwarebytes, USDoD plans to create a successor to the second version of BreachForums, which was recently shut down by law enforcement. By releasing this database, USDoD might be trying to attract new users.

The same hacker is also believed to be involved in a breach at TransUnion, the data from which was partly dumped in September 2023.

What does this data leak mean for you?

If you've had a run-in with the law before, there's a good chance that a bunch of the info you shared with law enforcement is now out there on the web. The exposure of such a comprehensive criminal database could have significant implications for law enforcement, judicial proceedings and the individuals mentioned within the dataset.

The hackers who pulled off the leak might be looking to make a quick buck by selling your data to shady characters on the dark web. They might also try to con you by pretending to be someone you trust or a legit company, aiming to get their hands on some cash.

Bad actors can also use this much bulk data to threaten, harass and blackmail people with records, as in the Ashley Madison breach. For the unaware, in July 2015, a hacker group calling itself "The Impact Team" stole the user data of Ashley Madison, a commercial website billed as enabling extramarital affairs. These hackers copied personal information from the user base and threatened to expose users' names and personal details unless Ashley Madison shut down right away.