Hacktivist Breaks Into Minnesota Government Databases to Protest Philando Castile Verdict
“An innocent man died. And a guilty one lives freely.”
Image: a katz/Shutterstock
On Friday, a jury found that the cop who shot and killed a black man in the summer of 2016 in Minnesota during a seemingly routine traffic stop was not guilty of manslaughter. The verdict prompted thousands of people to protest in the streets of St. Paul, Minnesota.
A hacker calling himself Vigilance decided to seek justice in his own way, by hacking a database belonging to the Minnesota state government, and stealing email addresses and passwords. The hacker contacted Motherboard on Sunday, claiming the hack and providing a sample of stolen data to back up his claims.
"I thought I had to do something against what I found to be unjust," the hacker told me. "This was a failure of justice. And his family won't get the satisfaction of knowing the one who killed Philando is rightly punished. An innocent man died. And a guilty one lives freely."
The hacker allegedly stole a list of 1,400 email addresses and corresponding passwords that give access to internal databases from the server admin.state.mn.us, which connects to other databases of the sites mn.state.us and mn.gov, according to the hacker.
The Minnesota government's IT services confirmed the attack.
"Minnesota IT Services is aware of this attack and is investigating the incident," the agency said in a statement sent to Motherboard on Tuesday. "Minnesota IT Services' security forensics team will share any relevant information with law enforcement for review for potential criminal activity."
On July 6, 2016, Jeronimo Yanez, a police officer from St. Anthony, Minnesota, pulled over Castile, his partner, and their 4-year-old daughter. Yanez shot Castile seven times when Castile reached for his ID, after telling Yanez he had a gun and was licensed to carry it. The aftermath of the shooting was recorded by Castile's girlfriend in a dramatic Facebook live video.
Motherboard was able to verify some of the data, such as telephone numbers of private citizens and email addresses of government officials, which the hacker also dumped online. Motherboard called several phone numbers listed as pertaining to private citizens, and verified they are correct. We also searched for the government employees' official email addresses and found them in official registries. We weren't able to verify that this data was stolen from government servers.
All the stolen password are hashed, meaning the original, real password went through a process of obfuscation, which the hacker says was done with the descrypt algorithm. As of Tuesday morning, the hacker said he wasn't able to crack the passwords.
Got a tip? You can reach this reporter on Signal at +1 917 2571382, via email with firstname.lastname@example.org , or on Jabber at email@example.com.
The stolen data seems to be a mish-mash of different, disparate information. There's a contact list of people who appear to be outside contractors; emails and passwords for people that don't appear to be affiliated with the Minnesota government but appear to be users of a scientific forum maintained by the Minnesota IT services; and a handful of passwords and email addresses of Minnesota government employees who appear to be IT administrators.
All in all, this is not incredibly sensitive data. But Vigilance claimed he could impersonate a Minnesota government employee, or an official, if he wanted. The hacker also said he still has access to the hacked systems as the vulnerability he exploited isn't patched yet.
UPDATE June 22, 10:06 a.m. ET: On Wednesday, the Minnesota IT services provided more details on the extent of the hack, claiming in a statement that the breach "impacted a very small portion of the State of Minnesota's technology infrastructure, primarily affecting legacy computer systems that are no longer in use."
"This event did not impact any major business systems that support state government operations," read the statement, which was sent to Motherboard via email.
The agency also said it would turn over the results of its forensic investigation to the FBI.
Get six of our favorite Motherboard stories every day by signing up for our newsletter.