A database containing information on members of the Bay Area Rapid Transit (Bart) police force has become the latest trophy for hacktivists opposing the agency's recent actions.
A data dump posted to Pastebin lists the names, addresses and account credentials of more than 100 officers, and includes a reference to the OpBART campaign led by Anonymous.
The hacking group has not officially commented on the attack, but a series of posts to the AnonyOps Twitter feed suggests that the breach might be part of an effort to undermine OpBART.
"The leak today of Bart officer data could be the work sanctioned by those who truly support Anonymous, or agent provocateurs," AnonyOps said.
"People who are against Anonymous know they can do things under the name 'Anonymous' and never be questioned. This is Anonymous, defined."
Anonymous has previously targeted Bart user databases in the OpBART campaign, including the posting of some 3,000 credentials harvested from the MyBart web site.
The group claims to be protesting against recent shootings involving Bart officers, as well as the agency's decision to disable mobile phone services at its stations to thwart protests in San Francisco.
"We are deeply concerned about the safety and security of our employees and their families," said interim general manager Sherwood Wakeman. "We stand behind them and our customers who were the subject of an earlier attack."
Whether the attack was carried out by rogue members of Anonymous or individuals sympathetic to the campaign, security experts said that Bart should have done a better job of securing its systems in the knowledge that an attack was likely.
"In the current climate of high-profile hacks, that's not excusable," said Sophos senior technology consultant Graham Cluley in a blog post.
"Other forces would be wise to look at their own sites and make sure they are not similarly vulnerable to attack."
Spaces are filling up fast
HP ZBook x2 offers 32GB RAM, M.2 SSD with up to 2TB storage and Nvidia Quadro GPU
Laptops should be able to offer true all-day working, and some
CGN has created an "online capability gap" between cyber criminals and law enforcement, says Europol
ISPs use Carrier Grade NAT to share IP addresses amongst multiple users