Cyber Incident Victim: Fraternal Order of Police
Date:
Jan 2016
Location:
United States of America
Summary
A breach of the Fraternal Order of Police's systems resulted in the theft and public release of 2.5 GB of data, including internal contracts, limited member personal information, and private forum backups. The data was disseminated by a researcher claiming no direct involvement in the hack, who asserted the leak served public interest amid tensions between police and citizens. The organization attributed the attack to Anonymous and described it as sophisticated, involving a software vulnerability that accepted a fraudulent encryption key, but the researcher contested these claims, calling the intrusion method trivial and denying Anonymous' involvement. The incident prompted the victim to take their website offline and involve law enforcement authorities.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
On January 21, 2016, UK-based researcher Thomas White (operating under the alias CthulhuSec) publicly released 2.5 GB of data stolen from the Fraternal Order of Police (FOP), the largest police union in the United States. White clarified he was not the original attacker but received the data from an anonymous source. The dump contained controversial police bargaining contracts, limited personal information of union members, and a backup of thousands of private forum posts from FOP.net. White claimed to possess an additional 18TB of unreleased material marked as classified or sensitive, withholding it due to concerns about public safety. Following the release, FOP.net was taken offline. FOP National President Chuck Canterbury attributed the breach to Anonymous, alleging foreign origins and high sophistication, while disclosing attackers exploited a software error by feeding the system a pseudo-encryption key it improperly accepted. The union engaged cybersecurity professionals to investigate, notified authorities, and cooperated with an FBI inquiry.
Canterbury asserted the published data consisted only of publicly available contracts, downplaying immediate risks. White disputed FOP’s claims, denying Anonymous involvement and challenging the sophistication narrative by citing OWASP Top 10 vulnerabilities as evidence of trivial exploitation. He criticized FOP’s technical defenses and expert assessments, stating the breach methodology should cause institutional embarrassment. White emphasized his role as an information conduit for public interest scrutiny of police-citizen tensions, rejecting personal motives or electoral influences. The incident exposed operational documents and internal communications, prompting concerns about systemic vulnerabilities despite FOP’s assurances. White offered to assist law enforcement with his knowledge while maintaining no conflict of interest, framing the leak as a corrective mechanism rather than an anti-police action. The website remained offline during forensic analysis as conflicting narratives about attack complexity and attribution persisted without resolution in available reports.