Cybersecurity and Law Enforcement

Each municipality and state has some form of a police presence. Maine is no different. The police departments hold an immense amount of data on past crimes, current investigations, and other issues.

Target

The database was used for information sharing for federal, state, and local law enforcement. The database breach may have jeopardized ongoing investigations. The database, in the Maine Information and Analysis Center (MAIC), is intended to assist with protecting against terrorism and other significant crimes. The database mostly holds information on criminal offenses and bulletins. The bulletins often contain identifying information, such as full name and date of birth under an investigation. This allows regional law enforcement to share data and collaborate to solve crimes.

Attack

The state police were notified on June 20, 2020, by Netsential of the data breach. This may have included certain information from the Maine Information and Analysis Center (MAIC). Netsential has been contracted by the state police since 2017. The company provides web hosting services to hundreds of law enforcement and government agencies across the country. The attack vector and method(s) used have not been published. This is unfortunate, as this could be a learning experience for others.

Post-Breach

The state police contacted the FBI’s Houston Field Office to investigate and determine the extent of the data breach. While the details are scant, this serves as another example of why an organization needs to have an incident response plan in place. While affected a database, it could have been much larger and devastating.

Resources

Associated Press. (2020, June 27). Security breach impacts maine state police database. Retrieved from https://www.boston.com/news/local-news/2020/06/27/security-breach-impacts-maine-state-police-database

Boston Globe. (2020, June 28). Security breach impacts maine state police database. Retrieved from https://www.newsbreak.com/maine/augusta/news/0PSSTMTZ/security-breach-impacts-maine-state-police-database

Caledonian Record. (2020, June 28). Security breach impacts state police database. Retrieved from https://www.caledonianrecord.com/news/regional/security-breach-impacts-state-police-database/article_868571e7-55ca-5514-99da-fc012f15b021.html

Coleman, M. (2020, June 27). Security breach impacts maine state police database. Retrieved from https://upnewsinfo.com/2020/06/27/security-breach-impacts-maine-state-police-database/

England, K. (2020, June 26). Main state police statement on third-party data breach involving the maine information and analysis center (MIAC). Retrieved from https://www.maine.gov/dps/msp/media-center/public-releases/maine-state-police-statement-third-party-data-breach-involving-maine

WGAN. (2020, June 29). Security breach impacts maine state police database. Retrieved from https://wgan.com/news/074470-security-breach-impacts-maine-state-police-database/

About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.

Featured Posts
Posts are coming soon
Stay tuned...
Recent Posts
Archive
Search By Tags
No tags yet.
Follow Us