- Begin forwarded message:
- From: Greg Held <firstname.lastname@example.org>
- Date: March 1, 2012 4:37:27 AM PST
- To: <email@example.com>, Ron Danison <firstname.lastname@example.org>, Mike Goosby <email@example.com>, <firstname.lastname@example.org>, <email@example.com>, <firstname.lastname@example.org>, <email@example.com>, <firstname.lastname@example.org>, <email@example.com>, <firstname.lastname@example.org>, <email@example.com>, <firstname.lastname@example.org>, <email@example.com>, <James.James@atf.gov>, <firstname.lastname@example.org>, <email@example.com>, <gates@LAWA.gov>, Jodi Thomas <firstname.lastname@example.org>, <email@example.com>, Jason Moulton <firstname.lastname@example.org>, <email@example.com>, <firstname.lastname@example.org>, Brad Smith <email@example.com>, <firstname.lastname@example.org>, Robert Arcos <26185@LAPD.LACITY.ORG>, <email@example.com>, <firstname.lastname@example.org>, <email@example.com>, <firstname.lastname@example.org>, <email@example.com>, Bobby Villegas <firstname.lastname@example.org>, <email@example.com>, <firstname.lastname@example.org>, <email@example.com>, <firstname.lastname@example.org>, Brian Weir <email@example.com>
- Subject: Information Concerning Cyber Attack on LACPCA Membership
- February 28, 2012
- To: ALL LACPCA MEMBERS (CURRENT AND RETIRED)
- From: BOARD OF DIRECTORS
- Subject: CYBER ATTACK ON LACPCA WEBSITE
- On Tuesday, February 21, 2012, LACPCA President Tony Vairo was contacted by Agents from the Salt Lake City Field Office of the F.B.I. and informed that an organized cyber-terror group known as “Anonymous” had successfully “hacked” into the LACPCA website. This organization, which has strong ties to the anti-government movement and vehemently opposes law enforcement, has previously launched successful cyber attacks on several other law enforcement organizations, including the Los Angeles Police Department, the Los Angeles County Sheriff’s Department, the Bay Area Rapid Transit (BART) Police Department and Interpol. The group was able to extract information from the website on 123 individual LACPCA members. The specific information obtained from this cyber attack included the names, phone numbers, addresses, e-mail addresses and passwords from the member profile database contained within the non-public portion of the website. For the majority of those whose data was corrupted, the address and e-mail information on file was for the law enforcement agency or station to which they are assigned. However, some members had elected to provide their home address, phone number, or e-mail for purposes of being contacted for legitimate association business. The passwords that were compromised were the passwords assigned to the individual members used to log into the “members only” area of the LACPCA website.
- Personnel from the Los Angeles County Sheriff’s Department Headquarters Bureau, assigned to patrol the Internet for criminal activity, found the information stolen from our website posted on a link within Facebook. A request to Facebook that the post be permanently deleted was immediately complied with. However, once the information was put out in such a public forum, the assumption must be made that it “went viral” and is still retained by persons who may be sympathetic to anti-government groups, such as “Anonymous”.
- In response to this incident, the LACPCA immediately de-activated the corrupted website. The Board of Directors was already in the final stages of a complete re-design of the association web page, designed and produced by a completely different vendor and with enhanced security features. This new web design team specializes in designing and building secure websites, specifically those used for law enforcement applications. The new website is now up & running and the member profile area (which has no information in it) is not active. When we have a complete picture of exactly what happened in this cyber attack on our membership, we will work with the web team to design a membership area that provides the maximum degree of security possible and data protocols to ensure the minimum degree of exposure.
- In the meantime, we are encouraging all association members to consider the following:
- Persons attacking websites who successfully locate a password will typically try to access other accounts or password-protected arenas using the same password. They do this because they know that many people use the same password for multiple internet sites. Make certain to use independent passwords for each account. To maximize the security for each password, make sure it is at least eight characters long, using at least one upper-case letter and at least one number. Do not use passwords which are permeations of your name, your spouse, children, pets, etc.
- The Federal Bureau of Investigation is the lead agency investigating the attack on our website. The contact at FBI is Agent Scott Love. He can be reached at 213-533-4784. Agent Love has given us his agency’s strongest assurances that this case is a significant priority for the Bureau and the subjects involved in these cyber attacks targeting law enforcement personnel are being vigorously pursued.
- Of course, if you are the victim of any crime (identity theft, etc) that you suspect is a result of this cyber attack, we STRONGLY encourage you to file a formal crime report with the appropriate agency(ies). If that becomes necessary, forward copies of any relevant crime reports to Agent Love.
- Feel free to contact any Board member if you have any further questions.
- Tony Vairo - President
- Bobby Villegas - Vice President
- Doug Kohno - Treasurer
- Greg Held - Secretary
Oh Noes FBI
a guest Mar 6th, 2012 2,610 Never
RAW Paste Data