On Thursday evening around 7:00 PM, police arrested a 40-year-old man from Ridderkerk on Prinses Beatrixstraat in Ridderkerk for computer hacking. Due to a police error, the man had inadvertently gained access to confidential police documents. When ordered to relinquish these documents, he refused. He stated that he would only comply if he received something in return. Therefore, the decision was made to arrest the man, search his home, and secure the confidential files to prevent possible dissemination.
How is a fucking URL all you need to access confidential evidence on a police server. Lets bruteforce some URLs i guess?
There was a piece a while ago of a guy that went to expired domains in Belgium, happened to buy an old domain from the police, and all of a sudden, started to have emails from the police with a mail server. Crazy how no one checked the domain.
Edit: found the URL here. And there was other institutions hit as well, not just police
Yeah i saw that back then, it happened multiple time with different organizations iirc.
Ask Adrian Lamo. He “hacked” a few sites just by clicking links
Or Aaron Swartz…
In germany its also catastrophic. I remember three stories off the top of my head where security researchers were raided or sued after properly reporting massive security issues in company software.