Will P3 wind up on a vendors not to be trusted list? DataBreaches.net reports:
P3 Global Intel advertises itself as a “fully integrated and state-of-the-art tip acquisition and tip management solution that has quickly become the leading choice of Crime Stoppers Programs, Law Enforcement Agencies, Campus Safety Programs, and Federal Agency Initiatives.” 35,000 U.S. schools use P3 Campus, which partners with “safer school” initiatives such as Sandy Hook Promise, Safe2Tell CO and WY, SafeVoice NV, SafeSchools MD, Courage2Report MO, Safe2Say Something PA, SaySomething NC and SpeakUpSpeakOut WI.
Giving students a safe way to report problems and potential violence is a great idea. But if a firm is going to guarantee the anonymity of tips, it needs top-notch security. A hacktivist says P3’s security was not up to the task.
The incident, named “BlueLeaks 2.0” by transparency site DDoSecrets.org, reportedly contains 8.3 million tips acquired by a hacktivist who gave the data to DDoSecrets, Mikael Thalen of Straight Arrow News, and DataBreaches.net.
DataBreaches’s analysis confirmed P3’s claims that the most frequent reports for the k-12 students and programs involves suicide threats, bullying or cyberbullying, and drugs in school. But DataBreaches.net also provided evidence to refute any claims that the tips were secure and anonymous, as real names appeared in the dataset.
The dataset is reportedly up for sale on a hacking forum, and there is great concern that people might be at risk of physical harm or retribution if the tips are eventually leaked publicly or are accessible to more people.
Read more at DataBreaches.net.
