Hackers have infiltrated the US arrest records database

Earlier this year, a hacking group broke into the personal email account of CIA director John Brenner and published a host of sensitive attachments that it got its hands on (yes, Brenner should not have been using his AOL email address for CIA business). Now, Wired reports the group has hit a much more sensitive and presumably secure target: a law enforcement portal that contains arrest records as well as tools for sharing info around terrorist events and active shooters. There's even a real-time chat system built in for the FBI to communicate with other law enforcement groups around the US.

The group has since published a portion the data it collected to Pastebin and Cryptobin; apparently it released government, military, and police names, emails, and phone numbers. But the portal the hackers accessed held much more info. All told, they got their hands on a dozen different law enforcement tools, and Wired verified that a screenshot of the Joint Automated Booking System (JABS) provided by the hackers was legitimate. The JABS vulnerability is noteworthy because it means the hackers can view arrest records as they're entered into the database -- regardless of whether or not the arrests were under court seal. Typically, those arrests might not be made public for long periods of time as a way of keeping big investigations secret.

A former FBI agent confirmed to Wired that JABS would show arrests under seal, but also noted that they usually contain less information than standard arrests and those records are sometimes removed from the system entirely. Regardless, hackers having vision into such a sensitive law enforcement database is certainly a big black eye for the FBI and other US agencies. If the hackers who got into John Brenner's email account and leaked sensitive government data weren't already a target for the FBI, they certainly are now.

[Image credit Matt McClain/The Washington Post/Getty Images]