Cyber Incident Victim: Baton Rouge Police
Date:
Jul 2016
Location:
United States of America
Summary
Following the fatal police shooting of Alton Sterling, a Baton Rouge police database was compromised by a hacker claiming retaliation for law enforcement abuses, resulting in the leak of approximately 50,000 records containing personal information. The breach was attributed to inadequate security measures, including weak permissions and exposed login credentials, rather than a technical attack. Cybersecurity experts confirmed the data's authenticity, while city officials acknowledged breach rumors but could not immediately verify details. The hacker publicly shared the data alongside social justice hashtags linked to the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
The Baton Rouge Police Department experienced a significant data breach in July 2016, shortly after the fatal police shooting of Alton Sterling on July 5. On July 7, a hacker using the alias @0x2Taylor claimed responsibility for compromising the city government's servers and leaking approximately 50,000 police records. The exposed data included sensitive personal information such as names, addresses, email addresses, and phone numbers. Security analyst Jamie-Luke Woodruff of British cybersecurity firm Patch Penguin confirmed the authenticity of the leaked database, attributing the breach to inadequate security measures rather than sophisticated technical attacks. Woodruff identified weak permissions and improperly protected login credentials as primary vulnerabilities that enabled unauthorized access. Baton Rouge Information Services head Eric Romero acknowledged awareness of breach rumors but could not immediately verify the incident when contacted by media. The breach occurred amid widespread protests following Sterling's death, which occurred after officers responded to reports of an armed man outside a convenience store.
@0x2Taylor publicly shared the stolen data through social media platforms, explicitly linking the hack to retaliation against police misconduct under hashtags including #AltonSterling, #Hacked, and #BlackLivesMatter. Forensic analysis determined the attacker likely obtained access through discovered credentials rather than exploiting software vulnerabilities. The compromised records remained publicly exposed due to insufficient access controls on the city's systems. While Romero maintained uncertainty regarding breach specifics during initial inquiries, Woodruff's independent verification confirmed both the data's legitimacy and the preventable nature of the security failure. The incident exposed systemic cybersecurity weaknesses within municipal infrastructure during a period of intense public scrutiny over police practices, though official confirmation of remediation measures was not detailed in available reports.