Clickability tracking pixel

Maine Intelligence Center Breach Could Snarl Investigations

The June data breach that exposed thousands of law enforcement reports from the Maine Information and Analysis Center will mean those mentioned in the documents must be notified — even those under investigation.

Matt Byrne, Portland Press Herald / July 13, 2020
Shutterstock

(TNS) — A data breach in June that exposed thousands of sensitive law enforcement reports from Maine’s police intelligence center has slowed the secretive unit’s daily operations and forced its staff to spend time combing through the documents to notify people, including criminal suspects, that their personal information was leaked.

The breach means that police may have to notify people mentioned in the documents who are under investigation but have not yet been charged, potentially interfering with investigations.

The Maine Information and Analysis Center has cut ties with Houston-based web hosting company Netsential, which provides web-based services to hundreds of police departments and so-called fusion centers to help them store and distribute files and manage email lists of hundreds of people who are designated to receive the law enforcement reports. Netsential also provided the platform for members to log in using an online web portal, which is now closed in Maine.

“We made the decision to no longer use Netsential until we have strong assurances that the issue has been resolved to our satisfaction,” said the center’s director, Lt. Michael Johnston, in an interview Friday. “When or if we return to Netsential will be contingent that myself, the state police and our network security people have confidence that the issue has been resolved and they’ve taken steps to mitigate the problem and the likelihood of it occurring again is very low.”

Staff at the center have spent the last two weeks combing through the documents and have already made hundreds of notifications to people whose names and information were contained in the leaked reports. Many of the reports included information about recent arrests, and potentially included personal information about the suspects.

The released data also showed that police kept tabs on anti-racism demonstrations by surveying social media posts for time and place information; and in 2018, the fusion center passed around a request to help find whomever posted signs protesting the proposed CMP corridor in along the Dead River in The Forks, saying the material posted in the woods constituted littering and criminal mischief.

The hack has also forced the agency to use outdated methods to manage an email list that has hundreds of recipients. Previously, the Netsential software allowed police to tailor who on the list received information, allowing police to target the distribution based on security levels or areas of interest.

Now, they are using Microsoft Office, Johnston said, and sending those emails manually.

“We’ve had to adjust and find other ways to provide the services that (Netsential) provided,” Johnston said. “The listserv and the portal was how information was submitted to us, and how we pushed information out to the masses. When you’re sending it to hundreds or thousands of people, that’s particularly where it’s affecting us.”

The center has come under intense scrutiny from lawmakers and privacy advocates because of a federal whistleblower lawsuit and allegations of illegal surveillance, an allegation that police have denied.

In all, about 270 gigabytes of information was stolen and then handed to a data transparency group, Distributed Denial of Secrets, which dumped them online.

DDoS said it removed references to some victims of sex crimes, but published the remainder. The group has posted other troves of stolen information in the past, including about off-shore tax havens and foreign police services.

The Maine-specific information from the fusion center totaled about 5 gigabytes comprising more than 9,000 files, with many containing personal identifying information of people suspected of committing crimes or who are under investigation.

The data also contained identifying information, phone numbers and email addresses for hundreds of law enforcement officers who have access to the center’s data. Some documents even appear to contain encrypted passwords associated with each account.

The agency and its 11-member advisory board has called an emergency meeting next week to discuss the hacked materials and the effect it’s had on the center and how it will move forward. That meeting will be held virtually, but it’s unclear whether the discussion about the hack will take place behind closed doors in an executive session because it involves non-public information.

“If you’re going to be in the information sharing business, you need to have a level of trust that that information is being protected and safeguarded,” said Johnston. “This is a challenge that we’re going to have to work through.”

The breach is having similar effects within police agencies around the country.

The FBI is investigating the breach, and in early July authorities in Germany, acting on a request from U.S. law enforcement, seized a server in Falkenstein near the Czech border that had hosted the files. But because the information had already been distributed all over the world via various file-sharing means, the stolen documents are still in circulation.

©2020 the Portland Press Herald (Portland, Maine) Distributed by Tribune Content Agency, LLC.

Looking for the latest gov tech news as it happens? Subscribe to GT newsletters.

E.REPUBLIC Platforms & Programs