Cyber Incident Victim: American Advertising Federation

In early April 2019, a hacking group publicly released data purportedly containing sensitive information related to law enforcement personnel. On April 15, TechCrunch reported that the hackers had hosted documents on their website containing approximately 4,000 unique records after duplicate removal, including names, personal and government email addresses, job titles, phone numbers, and postal addresses of FBI National Academy Associates (FBINAA) chapter members. This followed prior leaks targeting three FBINAA charters and thousands of FBI agents' personal information. The FBINAA issued a press release confirming collaboration with federal authorities to investigate the breach, emphasizing their national database remained secure. They suggested attackers might have exploited third-party software used by affected chapters, though no definitive evidence of a software vulnerability was confirmed.

Two days later, the hackers published an additional dataset falsely claiming it represented an "FBI watchlist" with over 20,000 entries. Subsequent analysis indicated this data likely originated from a compromised American Advertising Federation (AAF) database rather than law enforcement sources. The AAF clarified that their national membership database was not breached, theorizing the leak possibly stemmed from a local AAF club or chapter's records. Despite Twitter suspending the hackers' account, their data-hosting website remained operational. BleepingComputer noted unsuccessful attempts to obtain comments from the attackers. On April 17, the AAF reiterated its assessment that the exposed information did not originate from its central systems but could have been sourced from subordinate organizational units. The incident underscored concerns about third-party risks and threat actors leveraging stolen data to amplify disinformation about its provenance.