The hacked websites were built and hosted by Texas web development firm Netsential. They're written in ASP.NET/VBScript and running on Windows servers. They all run the same custom, insecure CMS, which is likely why they all got hacked with their data exfiltrated
The hacked websites are mostly for "fusion centers" designed to share intelligence between feds and state and local cops. Many are devoted specifically to protecting oil companies, banks, and other industry
Here is an anecdote I discovered in the data, among hundreds of thousands of others. A week after George Floyd's murder, a student in Oregon contacted law firms asking for consent to add them to a list of pro bono legal resources for protesters
A Bay Area lawyer who received this message was pissed. He mailed this anonymous, unhinged, all-caps rant to the Marin County DA -- "CANNOT RISK THIS PIECE OF SHIT ANTIFA [...] FILING A BAR COMPLAINT AGAINST ME". He ended it with "HAPPY HUNTING"
An investigator at the DA's office must have thought that this was useful intelligence. She uploaded a scan of the letter to the Northern California Regional Intelligence Center (one of the hacked fusion centers) as a "Suspicious Activity Report"
Under category she put "Radicalization/Extremism", and under Subject she put the Oregon student's name, writing that the student "appears to be a member of the Antifa group and is assisting in planning protesting efforts in the Bay Area despite living in Oregon"
The unhinged Bay Area lawyer apparently isn't suspected of radicalization/extremism (even though he's clearly a right-wing extremist), but the polite college student is.

The return address on the envelope is the SF DA's office -- we couldn't confirm if the lawyer works with them
You can follow @micahflee.