Anonymous, aiming for relevance, spins old data as new hacks

The group is trying to use the nationwide protests to draw attention to data that was stolen years ago.

Anonymous, the once-formidable hacking collective, continued its transformation into a cohort of social media opportunists over the weekend by claiming to “leak” files and personal information that, in some cases, has been available for years.

Anonymous said it retaliated against the Minneapolis police department for the May 25th killing of George Floyd by publishing email addresses and passwords apparently stolen from a police website. The information was previously taken in prior data breaches, then re-packaged to appear to be a new batch, according to Troy Hunt, owner of Have I Been Pwned, which tracks stolen credentials.

Of the 798 email addresses included in the Anonymous database, 689 are unique, the rest being duplicates. Of that 689, 659 were already available in the Have I Been Pwned database, Hunt said in his analysis, and those email addresses were leaked an average of 5.5 times. Many seem to have originated in the 2012 breach at LinkedIn, he added.

Anonymous-affiliated Twitter accounts attracted thousands of impressions on social media in the latest example of the group seizing on headlines in an attempt to boost its credibility.


“[A]nger shouldn’t mean throwing logic and reason out the window and I cannot think of a time when fact-checking has ever been more important than now, not just because of the Minneapolis situation, but because so much of what we see online simply can’t be trust,” Hunt wrote in a blog post. “So by all means, be angry, but don’t spread disinformation and right now, all signs point to just that – the alleged Minneapolis Police Department ‘breach’ is fake.”

Word of the fabricated breach coincided with ongoing uncertainty about who may have been behind a reported cyberattack against Minnesota state government websites. Governor Tim Walz said Sunday that “a very sophisticated denial of service attack was executed on all state computers” occurred on Saturday. Those claims later proved to be overblown, as state officials repelled the manufactured surge in traffic within hours.

Distributed denial-of-service attacks once were an Anonymous trademark. Among the group’s most notable attacks was a 2008 internet protest in which they flooded the church of Scientology with web traffic, knocking sites offline. Similar efforts against the Vatican in 2012, international governments and other targets earned the group headlines.

In this case, Anonymous did not claim credit for the attack against Minnesota websites. However various accounts threatened retaliation against police in Minneapolis for the Floyd killing, and to intervene “if and when it becomes necessary” as protests continue.

Anonymous’ activity now follows similar exaggerations in 2019. The activist collective functions as a series of loosely-affiliated individuals and operations, and members often renounce each others’ activities.


However, in February of last year, an offshoot calling itself “Operation Death Eaters” claimed to steal secret files belonging to Jeffrey Epstein, the billionaire pedophile. In that case, Anonymous worked to amplify Epstein’s “Little Black Book” of associates, and published allegations from a lawsuit accusing Epstein and Donald Trump of sexually assaulting an underage girl.

Many of the same allegations already were available in court documents. Epstein’s network of associates, including his associations with Trump, had been detailed in a 2015 Gawker article.

Jeff Stone

Written by Jeff Stone

Jeff Stone is the editor-in-chief of CyberScoop, with a special interest in cybercrime, disinformation and the U.S. justice system. He previously worked as an editor at the Wall Street Journal, and covered technology policy for sites including the Christian Science Monitor and the International Business Times.

Latest Podcasts