‘SweepWizard’ Policing App May Have Exposed Personal Data on Hundreds of Officers and Thousands of Suspects

A little bit-known policing app credited with serving to greater than 60 legislation enforcement departments conduct multi-agency raids might have leaked confidential information about these raids, suspects not but convicted of crimes, and, in some circumstances, the very officers concerned within the operations, to the open web.

The leaks, in line with a Wednesday Wired report, contain an app known as SweepWizard developed by ODIN Intelligence. SweepWizard might have leaked personally figuring out info on tons of of officers and hundreds of suspects. Those particulars embrace the time of raids, geographic coordinates of suspects’ houses, people’ demographic info, and, in some circumstances, suspects’ Social Security numbers. When mixed, the report notes, these and different particulars may doubtlessly be used to tip off suspects to a possible raid. Gizmodo couldn’t independently confirm Wired’s findings.

In complete, the report claims SweepWizard might have uncovered the places and names of 5,770 suspects. Social Security numbers had been reportedly included for round 1,000 of these suspects. Names, cellphone numbers, and electronic mail addresses of tons of of officers and particulars of round 200 operations, in the meantime, had been additionally implicated. Wired reviews that information on the app was accessible way back to 2011 and as lately as December 2022 was accessible. All of that publicity was made attainable resulting from a flaw within the app’s API that allowed any customers with an actual URL to seek out supposedly confidential information on the app from an internet browser, all with out logging in.

ODIN Intelligence didn’t instantly reply to Gizmodo’s request for remark. Gizmodo was unable to entry SweepWizard’s web site and app from Apple’s App Store. The software seems to have been pulled offline. ODIN Intelligence’s web site claims it companions with an assortment of legislation enforcement collectives, together with the National Sherriff’s Association, the International Association of Chiefs of Police, and the American Correctional Association, amongst others.

“ODIN Intelligence Inc. takes security very seriously.” ODIN Intelligence CEO, Erik McCauley mentioned in an announcement despatched to Wired. “We have and are thoroughly investigating these claims. Thus far, we have been unable to reproduce the alleged security compromise to any ODIN system. In the event that any evidence of a compromise of ODIN or SweepWizard security has occurred, we will take appropriate action.”

G/O Media might get a fee

Up to $100 credit score

Samsung Reserve

Reserve the subsequent gen Samsung machine
All you could do is join together with your electronic mail and growth: credit score in your preorder on a brand new Samsung machine.

Multiple legislation enforcement businesses decided to have beforehand used free trials of SweepWizard now say they’re investigating their use of the app. The Los Angeles Police Department, which reportedly used the app final yr in a huge intercourse offender operation dubbed, Operation Protect the Innocent, informed Wired it has since suspended its use of SweepWizard pending the conclusion of an ongoing investigation.

The alleged SweepWizard publicity highlights the potential pitfalls of an more and more widespread legislation enforcement observe: outsourcing policing efforts to small, non-public corporations. From native police to the FBI and Department of Homeland Security, businesses have proven a willingness to gather location and different private information for a value, a observe some privateness advocates describe as a “legal loophole.”