What happens when crime fighters are exposed to a huge cybersecurity problem? It puts the safety of all at risk.
This was on the mind of many when a trove of law enforcement data was leaked in late June. The breach happened at the Advanced Law Enforcement Rapid Response Training (ALERRT) Center.
The training center for active shooter response situations is at Texas State University and is funded in part by the federal government.
The organization works with federal agencies like the FBI and police departments across the nation. Since its inception in 2002, ALERRT has trained over 114,000 law enforcement officials. It has prepared them for emergencies and catastrophes, and plans to offer more extensive training.
It has received millions in funding from state governments, the Department of Homeland Security and the Department of Justice. Recently, it was commended for establishing deeper partnerships between local law enforcement agencies.
However, this data breach may prevent trained officers and police departments from timely responses in an active shooter situations.
The backend database, located at Texas State University, powers ALERRT’s website. This data contains extensive information on local, state and federal officers who underwent the active shooter response training.
While the extent of the breach is not known, it is natural to worry. In the wrong hands, this data could be dangerous.
Perpetrators could trace the personal data uncovered in the breach and combine them with other readily available information on the internet. They could then use the information to target individuals or groups of first responders.
Another worrisome factor is the leak of information about officers' skills. The database had detailed histories on officers’ skills and training. This could give one a thorough idea of which officers to target in a potential crisis and/or terror situation.
Along with police officers, the list includes information about officers from the Customs and Border Protection (CBP), the FBI, and U.S. Border Patrol. It also contained the names of more than 17,000 instructors.
The dangers of the breach don’t stop there. The database contained geolocation coordinates of schools, police departments, courts and government buildings, universities, malls, and in some cases, police officers' home addresses.
Also included were emails that recorded correspondence between trainees and ALERRT. Password reset emails with sensitive data like the last four digits of a social security number or date of birth were leaked, too.
Deficiencies in each jurisdiction could be a part of the leak. For example, if any department mentions their lack of training or capabilities, like the absence of a SWAT team, it would reveal a specific inability to respond to an active shooter situation.
Though the database has now been secured, it is difficult to guess who has accessed this highly sensitive information and what damage may have already been done.
