Cyber Incident Victim: Palm Beach County
Date:
Feb 2016
Location:
United States of America
Summary
Confidential property records of approximately 4,000 law enforcement personnel, prosecutors, and judges were published on a website formerly owned by a technology consultant with ties to Russia. The consultant, a former sheriff's deputy, created the site to expose alleged agency corruption before selling it to Russian acquaintances. Hackers reportedly obtained and posted the addresses in retaliation against the sheriff's office, which was accused of surve on critics. A forum user claimed responsibility for the breach. The county property appraiser's office stated its database did not contain the leaked records, and the origin of the data remained unclear. Federal authorities were observed reviewing the exposed information.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On February 15, 2016, hackers publicly posted approximately 4,000 confidential property records containing home addresses of Palm Beach County law enforcement personnel, prosecutors, and judges on the website PBSOTalk.com. The leaked data included sensitive personal information belonging to high-profile individuals such as Palm Beach County Sheriff Ric Bradshaw, State Attorney Dave Aronberg, federal judges, and FBI agents. Former Palm Beach Sheriff's Office deputy Mark Dougan, who created PBSOTalk.com in 2008 to expose departmental corruption after leaving the agency, stated he had sold the website to Russian hackers prior to the incident. Dougan claimed these hackers orchestrated the breach as retaliation against PBSO's alleged surveillance activities against critics, specifically citing PBSO investigator Kenneth "Mark" Lewis's admitted use of software to spy on individuals inside their homes. The hackers reportedly obtained the records by breaching the Palm Beach County Property Appraiser's systems, though officials confirmed their database didn't contain the posted records and couldn't verify the source.
The publication of protected addresses—normally exempt from public records requests under Florida law—triggered immediate security concerns among affected personnel. A user named "BadWolf" claimed responsibility for the hack on PBSOTalk.com's forum, which Dougan noted was intentionally designed to prevent IP address tracing. While Dougan denied direct involvement, he acknowledged maintaining access to the site's analytics and reported observing FBI activity investigating the leak. The Palm Beach County Property Appraiser's Office initiated an internal investigation through its Information Services department but couldn't determine the hackers' methods. No contact occurred between PBSO and Dougan regarding investigative cooperation at the time of reporting. The incident amplified existing tensions between PBSO and its critics, with Dougan alleging a pattern of retaliation including social media surveillance and false reports to child welfare authorities against journalists covering the agency.