ODIN Intelligence website breached and defaced
Sensitive data was also allegedly stolen
The website for law enforcement software provider ODIN Intelligence has been hacked, defaced, and subsequently brought offline, reports have claimed, with sensitive company data also allegedly stolen.
The identity of the attackers is unknown, but some reports have claimed it might have something to do with news reports of one of ODIN’s programs leaking sensitive data.
Some of ODIN's products include SweepWizard, an app that helps the police coordinate raids, and SONAR, short for Sex Offender Notification and Registration.
Unable to reproduce the flaw
Reacting to the news, ODIN Intelligence Chief Executive Officer (CEO), Erik McCauley, mostly dismissed the findings. When defacing the website, the attackers also left one McCauley quote on the homepage.
“ODIN Intelligence Inc. takes security very seriously. We have and are thoroughly investigating these claims,” McCauley told Wired at the time. “Thus far, we have been unable to reproduce the alleged security compromise to any ODIN system. In the event that any evidence of a compromise of ODIN or SweepWizard security has occurred, we will take appropriate action.”
“And so, we decided to hack them,” the attackers concluded.
The hackers also said “all data and backups have been shredded”, but the media believe the attackers may have actually stolen sensitive files from the company.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Speaking to TechCrunch, co-founder of non-profit transparency collective DDoSecrets, Emma Best, said her organization obtained data pulled from ODIN’s servers.“We received the data the other day and are processing it,” she said. Apparently, the hackers shared three large archive files, totaling 16GB. The attackers also left hashes - signatures for each file.
What’s more, hackers also allegedly shared Amazon Web Services keys corresponding with an instance on AWS GovCloud, but at the time, their authenticity could not be confirmed. The ODIN Intelligence website is still offline at press time.
- Here's our rundown of the best endpoint protection services around
Via: TechCrunch
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.