Cyber Incident Victim: Baltimore Police Department
Date:
Apr 2015
Location:
United States of America
Summary
Hackers associated with Anonymous breached the Baltimore Police Department's servers, leaking email addresses and internal IP addresses related to webmail and mapping services onto Pastebin. The exposed data, viewed over 3,500 times, could facilitate phishing campaigns or distributed denial-of-service attacks against departmental systems, though the agency's public website remained protected by CloudFlare. This incident followed prior attempts by attackers to disclose personal information of local government officials, reflecting broader targeting of Baltimore authorities during periods of civil unrest.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 3 actors | Available to members | Available to members |
Description
On May 4, 2015, hackers associated with the Anonymous collective breached servers belonging to the Baltimore Police Department (BPD) and leaked internal data via Pastebin. The compromised information included multiple BPD email addresses and IP addresses linked to departmental web services, specifically those hosting webmail and maps. The group @AnonymousGlobo publicly claimed responsibility for the intrusion through a May 2 Twitter post, though the exact method of server access remained unconfirmed. While email addresses were not classified as confidential, security analysts noted their potential utility in phishing campaigns targeting police personnel. Exposed IP addresses raised concerns about possible distributed denial-of-service (DDoS) attacks against BPD’s online infrastructure, though the department’s use of CloudFlare’s content delivery network provided mitigation against such threats.
This incident followed an April 28 attempt by Anonymous-affiliated actors to publish personal information of Baltimore’s mayor and Maryland’s governor on pasting sites, though that data received only 22 views before removal. In contrast, the BPD leak remained publicly accessible and had garnered over 3,500 views by the time of reporting. The breach’s operational impact on police activities was not detailed, nor was it confirmed whether attackers exfiltrated more sensitive data beyond the disclosed emails and IPs. Security observers highlighted that the intrusion occurred amid broader Anonymous operations targeting Baltimore authorities, potentially inspired by concurrent local protests. No official statements from BPD regarding containment measures, forensic investigations, or system remediation were documented in the available report.