A pseudonymous hacker going by the name Berkut is reportedly selling a hacked database of over 700,000 user accounts from a popular police forum on the dark web. The site, PoliceOne.com is reportedly used by verified law enforcement officials and provides a platform for investigators to discuss tactics, weapons, and other specialist topics.
According to a listing on the dark web marketplace Tochka, the database contains around 715,000 user accounts from the police forum and includes emails from the NSA, DHS, FBI as well as other US government agencies. The database appears to be dated to 2015 and the hacker is reportedly demanding $400 (£320) for the data.
According to a report by Motherboard, Berkut claims that the account information may aid cybercriminals to access "private messages and posts". The database contains usernames, passwords, email addresses and alleged member join dates.
The hacker claimed that he infiltrated the site using a vBulletin exploit. A Google cache of the PoliceOne site revealed that the site was recently using vBulletin version 4.2.3. Motherboard's report claimed that the site was briefly down. However, at the time of writing, the PoliceOne site is back up.
Passwords were allegedly hashed with the MD5 algorithm, widely considered to be dated, indicating that it would be relatively simple for cybercriminals to crack them. However, the passwords were also found to contain salts, which are random strings of characters used to strengthen hashes.
One of the files reportedly contained over 3,000 account details of Homeland Security officials.
"We have confirmed the credibility of a purported breach of the PoliceOne forums in 2015 in which hackers were potentially able to obtain usernames, emails and hashed passwords for a portion of our members. While we have not yet verified the claim, we are taking immediate steps to secure user accounts and our forums, which are currently offline while we investigate and gather more information," a spokesperson for PoliceOne said.
"While we store only limited user data and no payment information, we take any breach of data extremely seriously and are working aggressively to resolve the matter. We will be notifying potentially-affected users as a matter of priority and requiring them to change their passwords," the PoliceOne spokesperson added.