U.S. Law Enforcement Training Center Data Breach 'Exposes Cops, FBI Agents'

A database containing the personal details of thousands of U.S. law enforcement officers linked to a Texas State University–based training center known as ALERRT was leaked online.

The data, which dates back to mid-2017, contained email addresses, work addresses and phone numbers of police and federal agents, ZDNet reported Friday. The publication, which obtained the cache from a security researcher using the pseudonym Flash Gordon, said that staff from three major agencies—the FBI, Customs and Border Protection (CBP) and US Border Patrol—were impacted.

ALERRT, or Advanced Law Enforcement Rapid Response Training, teaches how to deal with active shooter situations. It was created in 2002 in partnership between Texas State University, the Texas Police Department and Hays County Sheriff's Office. More than 85,000 law enforcement officers across the U.S. have reportedly been trained in its FBI-certified operations and tactical programs.

The leaked information, which ZDNet reported was left online without password protection, also included emails about enrollment classes and complaints about a lack of departmental resources. One database table allegedly contained identifying information for more than 17,000 course instructors.

The spokesperson for ALERRT did not immediately respond to a request for comment.

The exposure of U.S. law enforcement data led to fears that officers could be identified and targeted, however there is no evidence this has occurred. The database has now been secured.

Ken Pierce, vice president for information technology at Texas State University, told Newsweek that he was aware of the data breach involving the ALERRT center.

"A database including personal information of law enforcement personnel was stored on an unsecured web server," Pierce said. "The university's Information Security Office learned of the breach in late March 2018 and took immediate action to secure the exposed data as it launched an investigation.

"Individuals whose records were compromised by the breach, as well as the Texas Department of Information Resources, have been notified," he continued, adding: "Texas State is committed to data security and has complied with all laws and regulations regarding the incident. The university's Information Security Office is working with ALERRT on a mitigation plan to ensure future security."

It is not the first time that sensitive police data has been the subject of controversy. In 2016, files belonging to the Fraternal Order of Police (FOP), a union with approximately 330,000 members, was leaked onto the internet by a hacker. The 2.5 gigabyte trove included chats from an online forum that were critical of President Barack Obama and illegal immigrants, The Guardian reported at the time.

In July the same year, a security researcher found a terrorism database used by police departments and intelligence agencies—known as World Check—had been online without password protection.

The database, which is managed by Thomson Reuters and designed to house profiles on suspected terrorists and shady individuals linked to organized crime, included more than 2.2 million records. The blacklist was later listed for sale on the dark web for 10 bitcoin, which was $6,600 at the time.

Since launching, ALERRT has reportedly been awarded more than $50 million in state and federal grant funding. According to the organization's website, its training courses are delivered by veteran law enforcement SWAT specialists with real proven experience in active shooter response situations.