Germany seizes server hosting files hacked in Houston
BOSTON — At the behest of the U.S. government, German authorities have seized a computer server that hosted a huge cache of files from scores of U.S. federal, state and local law enforcement agencies obtained in a Houston data breach last month.
The server was being used by a WikiLeaks-like data transparency collective called Distributed Denial of Secrets to share documents — many tagged “For Official Use Only” — that shed light on U.S. police practices.
The data, dating back to 1996, include emails, audio and video files and police and FBI intelligence reports. DDoSecrets founder Emma Best said the data, dubbed “BlueLeaks,” comes from more than 200 agencies. It has been stripped of references to sexual assault cases and references to children, but names, phone numbers and emails of police officers were
not redacted, said Best, who uses they/their pronouns.
Best said that DDoSecrets obtained the data from an outside individual who sympathized with nationwide protests against police killings of unarmed Black people. Some of the files offer insights into the police response to those protests, they said.
The documents came to light via a breach of Houston web-design company Netsential, which hosts portals for law enforcement agencies and “fusion centers,” state-run operations created after the 9/11 attacks to share threat intelligence with local and state police and private-sector partners.
The prosecutor’s office in Zwickau, a German city near the Czech border, said in an emailed statement Wednesday that the server was confiscated July 3 in the town of Falkenstein following a request from U.S. authorities.
The FBI declined to comment. A U.S. Embassy spokesperson in Berlin did not respond to phone calls and emails seeking comment.
The Zwickau prosecutors’ statement said it would be up to German judicial authorities to decide whether to hand the server over to U.S. authorities. It said it would not disclose the reason for the U.S. request. Neither would a representative of Hetzner Online, the company that hosted the server.
Best said they assume the seizure was related to the posting of the BlueLeaks documents. They said the files show “a lot of things that are entirely legal and normal and horrifying,” including police surveillance and police intelligence of dubious origin. Best said none of the documents was classified.
Netsential is a small company with a office in the Galleria area. It incorporated in the late 1990s and provides internet hosting and web development services. According to documents from the Texas Secretary of State, its directors are Stephen M. Gartrell and Clarence F. Needham III.
Reached by phone Thursday morning, Gartrell would not comment. A statement acknowledging the breach and a contact form are the only pages currently visible on its website.
Netsential’s work for law enforcement goes back to the early 2000s, when it was involved in setting up websites used to help agencies collaborate after the 9/11 attacks. In 2011, Gartrell was given an award by the FBI; a photo on the agency’s Houston website shows him shaking hands with then-FBI Director Robert Mueller.
The documents stolen from Netsential’s servers help expose “the United States’ overdeveloped police intelligence apparatus,” said Brendan McQuade, a criminology professor at the University of Southern Maine who has viewed the documents. The files do not include high-level intelligence but provide a window into the relationship between law enforcement at all levels, he said — one that he believes the FBI doesn’t want the public to see lest it “add more fuel to the protests” against police brutality and racism in policing.
Best said the files remain publicly accessible through more complicated means such as BitTorrent and the Tor network, both of which complicate censorship efforts. Best said the organization is now rebuilding its infrastructure for public access. “All they cost us is time,” they said.
Shortly after DDoSecrets posted the data, Twitter permanently suspended the organization’s account for publishing links and images from the collection, citing a ban on the posting of hacked material.
Executives of the National Fusion Centers Association did not respond to emails and phone calls seeking comment on whether any sensitive investigations may have been compromised by the breach. But Maine State Police said in a statement on June 26 that the FBI was investigating and that affected bulletins may “contain identifying information, such as full name and date of birth of people under investigation by other law enforcement agencies.” It said they “may also involve individuals wanted for criminal activity.”
DDoSecrets was created in late 2018 by Best, a journalist specializing in freedom-of-information petitions. It has worked on various investigations with established media organizations including the German newsmagazine Der Spiegel and the U.S. news organization McClatchy.
Previous DDoSecrets releases include data on offshore Bahamas accounts used as tax havens, files hacked from Chilean police and data from a British provider of offshore financial services that has drawn comparisons, on a smaller scale, to the 2016 Panama Papers leak.