Cyber Incident Victim: New Jersey Police Department
Date:
Feb 2016
Location:
United States of America
Summary
An ISIS-affiliated hacking group known as the Caliphate Cyber Army compromised personal information of 55 New Jersey Transit Authority police officers by obtaining a uniform laundering list from an external vendor. The leaked data included officers' home addresses, cellphone numbers, ranks, employee identification details, and work locations, with some residential information visible via mapping services. The group disseminated the stolen records through an Arabic file-sharing platform and encrypted messaging channels, resulting in hundreds of downloads. While the transit agency confirmed its internal systems were not breached, law enforcement collaborated with federal authorities to investigate the incident. The hackers, previously linked to minor website defacements and data leaks targeting unrelated small businesses, characterized this release as part of their ongoing campaign against U.S. law enforcement entities.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 2 techniques |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On February 26, 2016, the Caliphate Cyber Army (CCA), an ISIS-affiliated hacking group, obtained personal information belonging to 55 New Jersey Transit Authority police officers through a breach of an external vendor's system. The compromised data originated from a uniform laundering list and was compiled into an Excel spreadsheet containing officers' ranks, employee numbers, work locations, home addresses, and personal cellphone numbers. The leaked information spanned personnel from probationary officers to captains. While many addresses corresponded to police stations or headquarters, cross-referencing with Google Street View confirmed numerous residential addresses among the exposed data. The CCA uploaded this spreadsheet to an Arabic-language file-sharing platform on March 2, 2016, where it accumulated 300 downloads within three days. The group promoted the leak via Telegram, framing it as "Personal information of the US police stations including Leaders and officers." New Jersey Transit authorities confirmed their internal systems remained uncompromised but acknowledged the third-party vendor breach.
The disclosure exposed officers to potential physical security risks, with residential addresses and direct contact details circulating online. The New Jersey Transit Police engaged the Department of Homeland Security and FBI to investigate the incident, though no additional operational details were disclosed publicly. Historically, the CCA specialized in low-complexity cyber operations, primarily defacing small business websites like Alison’s Pantry (a Utah-based food supplier), Escali (a Spanish scale manufacturer), a Welsh flooring company, and a UK solar energy firm. Their activities included hijacking 54,000 Twitter accounts in 2015 and leaking phone numbers for CIA and FBI leadership. Cybersecurity monitoring firm Site Intelligence Group assessed the CCA as engaged in a sustained website defacement campaign since at least 2015, targeting predominantly vulnerable minor entities rather than hardened infrastructure. The group’s limited technical capabilities contrasted with their propaganda focus, leveraging psychological impact through selective data leaks despite lacking sophisticated intrusion methods.