Skip to main content

LATEST UPDATES: Racial Justice | Tracking COVID-19 (coronavirus)

FBI Seizes Website Suspected Of Selling Access To Billions Of Pieces Of Stolen Data

Photo caption:

Photo by U.S. Department of Justice

A joint investigation involving the U.S., Germany, the Netherlands, Northern Ireland and the United Kingdom helped take down the WeLeakInfo site, which the Justice Department says sold billions of stolen usernames, passwords and other data.

U.S. authorities have seized the domain name of a website that allegedly sold access to billions of usernames, email addresses, passwords and other sensitive information stolen in data breaches.

Now, visitors to the not-so-subtle website – weleakinfo.com — are greeted with a homepage that reads, "This Domain Has Been Seized."

The Justice Department and the FBI took control of the site as part of a "comprehensive law enforcement action" involving authorities in Germany, Northern Ireland, the U.K. and the Netherlands. Two men in Europe have been arrested so far in connection with the site.

WeLeakInfo billed itself as a "search engine" that subscribers could use to pore over data illegally obtained from more than 10,000 data breaches, U.S. authorities said in a statement.

In all, the Justice Department said the site was offering access to more than 12 billion indexed records.

"The website sold subscriptions so that any user could access the results of these data breaches, with subscriptions providing unlimited searches and access during the subscription period (one day, one week, one month, or three months)," the statement read.

Authorities also issued a public appeal for help, asking people to contact the FBI's Internet Crime Complaint Center if they have any information about the owners or operators of the website.

The two suspects, both 22, were arrested Wednesday in Northern Ireland and The Netherlands, according to U.K.'s National Crime Agency. It says British authorities have been investigating weleakinfo.com since August and that users with malicious intent could pay as little as $2 per day for access to data from breaches in the U.S., Germany and the U.K.

"Two individuals were identified during the course of the operation who officers believe have made total profits in excess of £200,000 from the site," it said in a statement.

The U.K. law enforcement agency also says it discovered online payments linked to an IP address thought to have been used by the suspects, suggesting they were "heavily involved in the running of the site."

Andrew Shorrock, a NCA Senior Investigating Officer, says the website was "an extremely valuable" apparatus for online criminals.

"We know that weleakinfo.com formed an extremely valuable part of a cyber criminals toolkit," Shorrock said. "This significant criminal website has now been shut down as a result of an international investigation involving law enforcement agencies from five countries."

Copyright 2020 NPR. To see more, visit https://www.npr.org.

FEATURED PODCAST

San Diego News Matters podcast branding

KPBS' daily news podcast covering local politics, education, health, environment, the border and more. New episodes are ready weekday mornings so you can listen on your morning commute.

  • Need help keeping up with the news that matters most? Get the day's top news — ranging from local to international — straight to your inbox each weekday morning.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Curious San Diego banner

Want more KPBS news?
Find us on Twitter and Facebook, or sign up for our newsletters.

To view PDF documents, Download Acrobat Reader.