#ddosecrets — Public Fediverse posts

NEW: My post on the student/k-12 tips exposed in "BlueLeaks 2.0" is now up.

P3 Campus and its partner programs like Safe2Say Something PA, Safe2Tell, and Sandy Hook Promise were supposed to provide secure and anonymous ability to report tips.

Promises of security and anonymity do not appear to have been kept. A hacker claims it was easy to gain access and repeatedly access the database to acquire more than 8 million tips.

There is not much anonymous about what I reviewed in the dataset.

Many of the school-related tips I reviewed reported concerns over named students with suicidal ideation or cutting, students being bullied or bullying others, and drugs (mostly vaping) in school. Some students reported cybercriminal activity.

Navigate360, the parent company of P3, still hasn't publicly acknowledged that it was breached and that sensitive information was involved. Their lack of transparency was noted by @douglevin

The dataset has not been leaked publicly, but the "Internet Yiff Machine" who provided it to #ddosecrets and https://infosec.exchange/@mikaelthalen@mastodon.social -- and then to me -- has listed it for sale.

My focus in this post was on the student/school -related tips, but the 93.51 GB dataset has millions of tips that include adult issues and crimes, including drugs, homicide, assaults, etc. I provide one or two examples from the non-student tips to illustrate how sensitive the tips are in this dataset.

This may be the worst breach I've ever seen involving sensitive student information, and I've seen many student-related data breaches over the past two decades.

Read: "P3 Advertised 20+ Years and 0 Security Breaches. You Can Guess What Happened Next.'" at https://databreaches.net/2026/04/16/p3-advertised-20-years-and-0-security-breaches-you-can-guess-what-happened-next/

#BlueLeaks2 #DDoSecrets #databreach #P3Campus #P3Tips #Navigate360 #CrimeStoppers #Safety #Safe2tell #InternetYiffMachine

@zackwhittaker @campuscodi @jgreig @euroinfosec @funnymonkey @mkeierleber @JayeLTee

Une hacktiviste déguisée en Pink Ranger supprime des sites de nazis en live au 39C3

https://web.brid.gy/r/https://korben.info/hacktiviste-pink-ranger-supprime-sites-nazis-39c3.html

Une hacktiviste déguisée en Pink Ranger supprime des sites de nazis en live au 39C3

https://web.brid.gy/r/https://korben.info/hacktiviste-pink-ranger-supprime-sites-nazis-39c3.html

Researcher Wipes White Supremacist Dating Sites, Leaks Data on okstupid.lol https://hackread.com/white-supremacist-dating-sites-wiped-okstupid-lol/ #Cybersecurity #Vulnerability #HackingNews #DDoSecrets #HACKTIVISM #MarthaRoot #WhiteChild #WhiteDate #WhiteDeal #Security #OkStupid #Germany #OkCupid #europe #CCC

Hackers Leak 9GB of Data from Alleged North Korean Hacker’s Computer – Source:hackread.com https://ciso2ciso.com/hackers-leak-9gb-of-data-from-alleged-north-korean-hackers-computer-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #CyberAttack #HackingNews #DDoSecrets #NorthKorea #Hackread #security #Kimsuky #cyb0rg #defcon #Phrack #Saber

Hackers Leak 9GB of Data from Alleged North Korean Hacker’s Computer https://hackread.com/hackers-leak-9gb-data-north-korean-hacker-computer/ #Cybersecurity #HackingNews #CyberAttack #DDoSecrets #NorthKorea #Security #Kimsuky #cyb0rg #defcon #Phrack #Saber

DDoSecrets Adds 410GB of TeleMessage Breach Data to Index https://hackread.com/ddosecrets-adds-410gb-telemessage-breach-data-index/ #Cybersecurity #Vulnerability #TeleMessage #databreach #DDoSecrets #Security #Privacy #Singnal #TMSGNL #Leaks #LEAKS

DDoSecrets Adds 410GB of TeleMessage Breach Data to Index https://hackread.com/ddosecrets-adds-410gb-telemessage-breach-data-index/ #Cybersecurity #Vulnerability #TeleMessage #databreach #DDoSecrets #Security #Privacy #Singnal #TMSGNL #Leaks #LEAKS

DDoSecrets Adds 410GB of TeleMessage Breach Data to Index https://hackread.com/ddosecrets-adds-410gb-telemessage-breach-data-index/ #Cybersecurity #Vulnerability #TeleMessage #databreach #DDoSecrets #Security #Privacy #Singnal #TMSGNL #Leaks #LEAKS

DDoSecrets Adds 410GB of TeleMessage Breach Data to Index https://hackread.com/ddosecrets-adds-410gb-telemessage-breach-data-index/ #Cybersecurity #Vulnerability #TeleMessage #databreach #DDoSecrets #Security #Privacy #Singnal #TMSGNL #Leaks #LEAKS

DDoSecrets Adds 410GB of TeleMessage Breach Data to Index – Source:hackread.com https://ciso2ciso.com/ddosecrets-adds-410gb-of-telemessage-breach-data-to-index-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #Vulnerability #TeleMessage #DataBreach #DDoSecrets #Hackread #security #privacy #Singnal #TMSGNL #Leaks

DDoSecrets Adds 410GB of TeleMessage Breach Data to Index – Source:hackread.com https://ciso2ciso.com/ddosecrets-adds-410gb-of-telemessage-breach-data-to-index-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #Vulnerability #TeleMessage #DataBreach #DDoSecrets #Hackread #security #privacy #Singnal #TMSGNL #Leaks

DDoSecrets Adds 410GB of TeleMessage Breach Data to Index – Source:hackread.com https://ciso2ciso.com/ddosecrets-adds-410gb-of-telemessage-breach-data-to-index-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #Vulnerability #TeleMessage #DataBreach #DDoSecrets #Hackread #security #privacy #Singnal #TMSGNL #Leaks

DDoSecrets Adds 410GB of TeleMessage Breach Data to Index – Source:hackread.com https://ciso2ciso.com/ddosecrets-adds-410gb-of-telemessage-breach-data-to-index-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #Vulnerability #TeleMessage #DataBreach #DDoSecrets #Hackread #security #privacy #Singnal #TMSGNL #Leaks

DDoSecrets publishes 410 GB of heap dumps, hacked from TeleMessage

https://micahflee.com/ddosecrets-publishes-410-gb-of-heap-dumps-hacked-from-telemessages-archive-server/

#HackerNews #DDoSecrets #TeleMessage #data #breach #heap #dumps #cybersecurity #hacking

Charli’s Confessions: Interview with Gang Leader who Pacted with Nayib Bukele https://elfaro.net/en/202515/ef_tv/27825/charli-rsquo-s-confessions-interview-with-gang-leader-who-pacted-with-nayib-bukele #DDoSecrets #Guacamaya

In January, El Faro interviewed leaders of the 18th Street Revolucionarios gang who not only cut deals for years with the entourage of Nayib Bukele, but also escaped the country with the complicity of his government. This is the first time that gang leaders who entered supermax prisons in masks during the negotiations reveal the agreements that permitted Bukele’s ascent.

Sleepers awake. We are studying leaks as media, throwing everything we know from the phreaks, the networking technical experts, the pirates, all the hackers, the fan scholars, artists from mark lombardi to hans haacke, and the media aces at this. Here's what we know about the current state of hybrid warfare. Its not much but it's more than we knew in 2016...

https://alpha60.co/2024/05/26/leak-distribution-analysis-part-two/

#alpha60 #ddosecrets #allwedoishack #gamerecognizegame

#BlueLeaks: Cops Used DNA to Predict a Suspect’s Face—and Tried to Run Facial Recognition on It https://www.wired.com/story/parabon-nanolabs-dna-face-models-police-facial-recognition/ #DDoSecrets

Cross-border investigations backed by @ddosecrets' ranked First and Third in the Center for Cooperative Media's #top 10 #journalism collaborations of 2023! https://medium.com/centerforcooperativemedia/here-are-the-top-10-journalism-collaborations-of-2023-a4f62c68e18e 🏆

#DDoSecrets' work with ICIJ and OCCRP, including providing the data and foundational research, enabled both the #NarcoFiles and the #CyprusConfidential collaborations. The real world impact of these investigations is already being felt and will continue well into 2024

We're also proud to have worked with PPLAAF on another collaboration this year, in addition to ICIJ's other 2023 investigation, #DeforestationInc

More from:

Center for Cooperative Media: https://collaborativejournalism.org/

Distributed Denial of Secrets: https://ddosecrets.com/

Contribute to DDoSecrets: https://donorbox.org/ddosecrets-five-years-later

US police agencies took intelligence directly from IDF, leaked files show https://www.theguardian.com/us-news/2023/dec/08/us-police-agencies-idf-files-blueleaks #DDoSecrets

Analysis of #BlueLeaks trove also shows police received training on domestic ‘Muslim extremists’ from pro-Israel groups

In 2021 I was a co-author on a paper analyzing leaked documents from fusion centers, cross-jurisdictional law enforcement collaborations intended for counter-terrorism. The leaked memos from Maine and Massachusetts suggested that resources intended for national security were instead focused on local property crime, drug crime, and homelessness. Following our report and many others, the Maine house voted to eliminate their fusion center, but was overruled by their state senate.

Our paper just got its first academic citation, by researchers working on secure cloud computing to prevent data leaks, who reference our work as an example of a "fatal public security threat." 🙃

#ddosecrets #blueleaks

Secretive White House Surveillance Program Gives Cops Access to Trillions of US Phone Records https://www.wired.com/story/hemisphere-das-white-house-surveillance-trillions-us-call-records/ #DDoSecrets

A WIRED analysis of leaked police documents verifies that a secretive government program is allowing federal, state, and local law enforcement to access phone records of Americans who are not suspected of a crime #BlueLeaks

ICE previously withheld 567 pages in full and redacted 50 pages out of 627 about #BlueLeaks

Thanks to my #FOIA appeal, they'll be releasing more.

Initial release revealed law enforcement tried to look at the legal fund setup when DHS started knocking on doors and offering random activists money to become snitches against #DDoSecrets in general and me specifically

"The city’s lawsuit was denounced as meritless by First Amendment experts. “Once the government gives you information in good faith, you have the right to publish it under the First Amendment,” David Loy, legal director of the First Amendment Coalition, told The Intercept. “This is not even a close case.”" https://theintercept.com/2023/04/11/los-angeles-lawsuit-lapd-headshots/ #LAPDHeadshots #DDoSecrets

"Officers who ‘serve in sensitive assignments .... is an impossibly broad category of officers that could include just about any officer’s work at some point during their career." https://www.latimes.com/california/story/2023-04-06/la-officials-sue-journalist-activist-group-after-accidentally-releasing #DDoSecrets #LAPDHeadshots

Release: #LAPDHeadshots https://ddosecrets.com/wiki/LAPD_Headshots 269 MB of photos of active LAPD officers labelled with their names and serial numbers. The LAPD released these photos in a public records request from a reporter, and then got sued by the police union for not notifying them. Now the city is trying to sue the reporter to get the cat back in the bag. #DDoSecrets is mirroring this dataset and has published torrents so others can mirror it as well: https://ddosecrets.substack.com/p/release-lapd-headshots-269-mb

Desaparecidos en México: documentos militares filtrados por #Guacamaya aportan luz sobre lo sucedido con los 43 estudiantes de Ayotzinapa, pero aún hay más de 100.000 casos sin resolver
https://www.democracynow.org/es/2023/3/16/desaparecidos_en_mexico_documentos_militares_filtrados #SEDENALeaks #DDoSecrets

Powerful point of view from Luis Fernando Garcia about the real threat to democracy in Mexico being the concentration of the power of the military, not the so called cyber crimes. Then the first question the moderator raises, is whether Mexico needs a new cyber security law to criminalize hacking? #Sedenaleaks #DDoSecrets #Guacamayaleaks

Garcia says R3D still has ongoing investigations which use this dataset, and it's a long process. And he reiterates that under the constitution, they have a right to research this dataset, and they are willing to take that to court if anyone challenges it. He is convinced that the research into #Sedenaleaks are in the public interest. #GuacamayaLeaks #DDoSecrets

The next panelist to speak is Luis Fernando Garcia from R3D Mexico. He says we should take Guacamaya's word for how they carried out the breach, because the explanation they gave is plausible. He says #Guacamaya denounced that in their process of extracting the Sedena data, they discovered that others had accessed the same dataset before them, which could be any nation state or entity. He says R3D had already been working on a pre-existing investigation about the #Pegasus spyware contract. He says the Sedenleaks documents strengthened the hypotheses of their existing investigation and allowed them to publish their Ejército Espía stories shortly after the #Sedenaleaks were out. #DDoSecrets

She says the leaks are essential for documenting how the public forces are failing the public, like their lack of resources invested in sexual assault investigations. #Sedenaleaks She says cybersecurity must include awareness of human rights and gender based violence. She says there are groups who can speak to this, including the revelation about sexual assaults in the military that #Sedenaleaks revealed, and these groups are missing from this current conversation. #DDoSecrets #GuacamayaLeaks

Watching the panel at UNAM talking about the #GuacamayaLeaks in Mexico, #SEDENAleaks https://fb.watch/iQJqFbnlEl/ #DDoSecrets

Auto-translated: "Almost never is only a single name recorded. Several possible or known spellings of the name were entered for each person, sometimes also different dates of birth for the respective spellings and in various cases also pseudonyms and aliases that have become known to the US authorities. The databases therefore often contain ten, twenty or even fifty entries for individual people.
In the case of the (spy) German private detective and freelance intelligence agent Werner Mauss, there are even 122. In the 1970s and 1990s, Mauss traveled a lot for authorities such as the Federal Criminal Police Office and the BND, helped arrest terrorists and negotiating to free German hostages from the hands of terrorist groups. He has a variety of aliases on the US #noflylist, most of which are not publicly known. In total, the US authorities have recorded 15 identities for him. Why Mauss is on this list at all and therefore probably cannot fly to the USA is a mystery. He doesn't want to say anything about it himself, but it's clear from his statements that he can't explain it. Unfortunately, this cannot be clarified, and the TSA did not answer questions about it." https://www.zeit.de/politik/2023-02/usa-no-fly-liste-einreise-terrorismus-unschuld/komplettansicht #DDoSecrets

Limited distribution: the No Fly list. A copy of the United States' #NoFlyList from 2019, which CommuteAir left on an misconfigured (unsecured) development server. The list contains over 1 million entries, though many are aliases or otherwise duplicates. Index article: https://ddosecrets.com/wiki/No_Fly_List Newsletter issue: https://ddosecrets.substack.com/p/limited-distribution-no-fly-list #DDoSecrets

L'hacker maia arson crimew trova online, su server aperto, file della sicurezza nazionale americana, per i controlli delle persone negli aeroporti.

#NoFlyList ora trapelata, consente analisi e fa emergere riflessioni tra piccoli privati e sicurezza nazionale.

#databreach #cybersecurity #ddosecrets

https://www.insicurezzadigitale.com/trapelata-la-no-fly-list-americana-un-hacker-lha-trovata-online-sul-server-della-compagnia-aerea/

Cyberscoop profiles #Guacamaya: "Officials in Peru attempted to quash coverage of the leaks there. A Peruvian military official threatened to bring treason charges against Ernesto Cabral, a journalist with the independent Peruvian news outlet La Encerrona, when he initially reported on the #FuerzasRepresivas
material...

La Encerrona wrote extensively about Guacamaya’s Peruvian leaks, covering revelations the Peruvian military had been monitoring left-wing parties and specific left-wing figures as threats to the state. The files also revealed that the Peruvian military deemed civil organizations in the region a threat because they “infiltrate and advise the population against mining,” La Encerrona tweeted." https://www.cyberscoop.com/guacamaya-hacktivist-group-latin-america-interview/ #DDoSecrets

There's beyond a myriad of reasons to leave #twitter (or stay & just use it for research) and move to another platform like this extinct furry elephant site.
Let me share one of mine…

I can’t do this on the tesla-bird app:

https://ddosecrets.com/wiki/Oath_Keepers

https://ddosecrets.com/wiki/Patriot_Front

https://ddosecrets.com/wiki/BlueLeaks

#ddosecrets #osint #riptwitter #twittermigration #oathKeepers #patriotFront #BlueLeaks #police
(re-posting to fix technical issues)

In 2020, El Salvador's Police Intelligence identified the Vice Minister of Security as part of criminal structures https://elfaro.net/es/202211/el_salvador/26442/Inteligencia-Policial-del-actual-Gobierno-perfila-a-Osiris-Luna-como-un-delincuente.htm #DDoSecrets #GuacamayaLeaks

Leaked SEDENA files show that the Mexican Army's focus was on social media exploitation and not investigation after an "historic seizure" https://www.tribuna.com.mx/sonora/2022/11/5/guacamaya-sedena-uso-decomiso-historico-en-navojoa-para-buscar-likes-en-redes-sociales-313660.html #GuacamayaLeaks #FuerzasRepresivas #EnlaceHacktivista #DDoSecrets

DDoSecrets: así es la sucesora de Wikileaks que filtra cientos de GB de datos rusos cada día desde el inicio de la guerra

En 2020 saltaron a la fama con la filtración 'BlueLeaks' de la policía estadounidense, pero está siendo ahora cuando el grupo Distributed Denial of Secrets, más conocido simplemente como DDoSecrets, está convirtiéndose en uno de los ejemplos de ciberactivismo más destacados. Apuntando nada más y nada menos que contra Rusia. Desde que empezó la guerra, el grupo ha publicado cientos de GB de datos de las principales organizaciones rusas... prácticamente cada día.

Todas las filtraciones se pueden consultar en una web dedicada. Una wiki donde encontraremos clasificadas los distintos conjuntos de datos, desde 726 GB de Gazprom hasta 817 GB de Roskomnadzor, la agencia que monitoriza los medios de comunicación en Rusia.

🔗 https://ddosecrets.com/wiki/Distributed_Denial_of_Secrets

Seguir Leyendo: https://www.xataka.com/seguridad/ddosecrets-asi-sucesora-wikileaks-que-filtra-cientos-gb-datos-rusos-cada-dia-inicio-guerra

#DDoSecrets #wikileaks #rusia #ucrania #BlueLeaks #ñ #ciberactivismo #Gazprom #Roskomnadzor

Gli hacktivisti di #Anonymous hanno segnalato il furto di quasi duecento gigabyte di dati dal registrar di domini #Epik. L’elenco dei clienti dell’azienda include siti radicali di destra, tra cui #TexasGOP, #Gab, #Parler, #8chan, ecc. I dati rubati sono stati pubblicati sotto forma di file torrent e pubblicati anche sul sito Distributed Denial of Secrets (#DDoSecrets).
Di Dario #Fadda su #InsicurezzaDigitale
https://www.insicurezzadigitale.com/anonymous-pubblica-180-gb-di-dati-da-un-provider-di-hosting-di-estrema-destra/