Slashdot Mirror

← Back to Stories (view on slashdot.org)

Homeland Security Subpoenas Twitter For Data Breach Finder's Account (zdnet.com)

Posted by msmash on from the up-next dept.

An anonymous reader shares a report: Homeland Security has served Twitter with a subpoena, demanding the account information of a data breach finder, credited with finding several large caches of exposed and leaking data. The New Zealand national, whose name isn't known but goes by the handle Flash Gordon, revealed the subpoena in a tweet last month. The pseudonymous data breach finder regularly tweets about leaked data, found on exposed and unprotected servers. Last year, he found a trove of almost a million patients' data leaking from a medical telemarketing firm. A recent find included an exposed cache of law enforcement data by ALERRT, a Texas State University-based organization, which trains police and civilians against active shooters. The database, secured in March but reported last week, revealed that several police departments were under-resourced and unable to respond to active shooter situations.

Homeland Security's export control agency, Immigration and Customs Enforcement (ICE), served the subpoena to Twitter on April 24, demanding information about the data breach finder's account. ICE demanded Twitter turn over his screen name, address, phone number -- and any other identifying information about the account, including credit cards on the account. The subpoena also demanded the account's IP address history, member lists, and any complaints filed against the Twitter account.

11 of 48 comments (clear)

  1. Finder. Not breach creator. Finder. by Anonymous Coward · · Score: 2, Informative

    How dare you say the king is wearing no clothes!

  2. No fan of an HSA TLAs by TimMD909 · · Score: 5, Insightful

    The Homeland Security crowd seems as focused on security as the Ministry of Truth was about truth.

  3. Re:We'd all be better off by Anonymous Coward · · Score: 2, Insightful

    Government secrets used to be leaked in newspapers; burn all newspapers!

  4. Incompetence? by Maelwryth · · Score: 3, Insightful

    Someone should tell them what the wheel on the mouse does. It might save them having to use a lawyer every time they want some freely available info in a twitter feed....or they could just talk to him.

    --
    I reserve the write to mangle english.
  5. The horse is already out by Nidi62 · · Score: 4, Insightful

    In a sane world, they would be finding them to give them a medal. If he could find those leaks, there's a good chance somebody else already had. And these days it seems the only way to get companies to acknowledge and fix leaks is to make them public, otherwise they get swept under the rug.

    On a side note, having a hard time seeing how this falls under the purview of ICE. And I'm sure the government will be going after the medical telemarketing firm for a breach of HIPAA

    --
    The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
  6. Remember, this is publicly accessible data by Anonymous Coward · · Score: 5, Insightful

    They're going after someone who walks down the virtual street pointing out things that are publicly accessible without a single functional access control mechanism. This isn't a "hacker," it's a person that points at something on the digital street that anyone could find and access anyway. This person has committed no crimes whatsoever in doing this.

    1. Re:Remember, this is publicly accessible data by BlueStrat · · Score: 4, Insightful

      They're going after someone who walks down the virtual street pointing out things that are publicly accessible without a single functional access control mechanism. This isn't a "hacker," it's a person that points at something on the digital street that anyone could find and access anyway. This person has committed no crimes whatsoever in doing this.

      He committed the worst crime imaginable in the eyes of the US Government.

      He revealed the incompetence and ineffectiveness of a US Government security agency. To those in government, there are few crimes as onerous as revealing their incompetence and lawbreaking for all to see.

      It appears that the NSA and other US TLAs have been too busy with US domestic mass surveillance, data-farming, and domestic political shenanigans to bother with piddly things like securing national infrastructure and other mundane tasks they were created to perform. Very sad.

      Strat

      --
      Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
  7. Re:That's no boating accident by onepoint · · Score: 3, Informative

    While you might have thought you were Trolling, I went and looked and discovered something that I never knew existed and it's rather interesting ( at least to me who like's to learn about customs, shipping and laws

    what ICE issued was a
    Export Enforcement Supeana: WTF is what I said, then I learned, interesting tool they have https://www.law.cornell.edu/cf... that's the link to the Cornell legal explanation of it and where it sits in the law books.

    Now how it applies to Twitter, well that's up to a lawyer to explain to the readers of slashdot
    I understand how it applies to exports but this is confusing how it's being applied to Twitter.

    --
    if you see me, smile and say hello.
  8. Re:We'd all be better off by PopeRatzo · · Score: 4, Informative

    if Twitter just went away one day. It's a part of the culture at this point and collectively making everyone dumber.

    I feel the same way about the Department of Homeland Security.

    --
    You are welcome on my lawn.
  9. interesting prioritization by jm007 · · Score: 2

    there's enough resources to track down someone pointing out DHS fuckups but not enough to set up a firewall or two to prevent the fuckups in the first place

    the fuckups allowing all that private data to leak out won't be held accountable as wrongdoers, just the person pointing it all out

    there's always more to the story than we're being told

  10. Blame both. Don't allow yourself to do bad things by raymorris · · Score: 2

    Your post was interesting, thanks.

    > do not get angry at HLS for asking it but at the judge for giving it, if you think they should not have done that.

    We don't know why they're asking, or what basis (evidence) they have to support the subpoena, but let's assume for a moment that there is a bad subpoena, that the subpoena shouldn't have been done. If so, I would definitely blame the people who decided to get a bad subpoena that they shouldn't have gotten. "The judge let us get away it" isn't an excuse for doing bad things.

    If a subpoena is not only bad but also illegal, the judge would ALSO be at fault for allowing an illegal subpoena. (Remember judges rule on what's legal, not on what they think is good).

    In fact I would go so far as to say a free country *requires* we hold ourselves to a higher standard than "it's fine to do anything, so long as a judge doesn't rule it illegal". If we as a society decide we'll all do whatever nasty things as long as the law lets us get away with it, then we'd need laws against everything that might be a problem. If the only limits we put on our behavior is the law, pretty soon we need laws to stop all kinds of things, totalitarianism is required. If instead we live based on trying to do the right thing, to be considerate of others and avoid causing problems for other people (law or not), then we don't need so many laws. We can have a functioning society that is much more free of we each use our freedom in ways that are respectful and considerate of others, we don't need laws telling us exactly what we can and can't do.

    > I thought it was a judge who did the subpoena and not HLS?

    In this instance the agency can issue a subpoena. If someone doesn't comply with the subpoena, they can ask a court to enforce it.