© 2024 WRVO Public Media
NPR News for Central New York
Play Live Radio
Next Up:
0:00
0:00
0:00 0:00
Available On Air Stations

FBI Seizes Website Suspected Of Selling Access To Billions Of Pieces Of Stolen Data

A joint investigation involving the U.S., Germany, the Netherlands, Northern Ireland and the United Kingdom helped take down the WeLeakInfo site, which the Justice Department says sold billions of stolen usernames, passwords and other data.
U.S. Department of Justice
A joint investigation involving the U.S., Germany, the Netherlands, Northern Ireland and the United Kingdom helped take down the WeLeakInfo site, which the Justice Department says sold billions of stolen usernames, passwords and other data.

U.S. authorities have seized the domain name of a website that allegedly sold access to billions of usernames, email addresses, passwords and other sensitive information stolen in data breaches.

Now, visitors to the not-so-subtle website – weleakinfo.com — are greeted with a homepage that reads, "This Domain Has Been Seized."

The Justice Department and the FBI took control of the site as part of a "comprehensive law enforcement action" involving authorities in Germany, Northern Ireland, the U.K. and the Netherlands. Two men in Europe have been arrested so far in connection with the site.

WeLeakInfo billed itself as a "search engine" that subscribers could use to pore over data illegally obtained from more than 10,000 data breaches, U.S. authorities said in a statement.

In all, the Justice Department said the site was offering access to more than 12 billion indexed records.

"The website sold subscriptions so that any user could access the results of these data breaches, with subscriptions providing unlimited searches and access during the subscription period (one day, one week, one month, or three months)," the statement read.

Authorities also issued a public appeal for help, asking people to contact the FBI's Internet Crime Complaint Center if they have any information about the owners or operators of the website.

The two suspects, both 22, were arrested Wednesday in Northern Ireland and The Netherlands, according to U.K.'s National Crime Agency. It says British authorities have been investigating weleakinfo.com since August and that users with malicious intent could pay as little as $2 per day for access to data from breaches in the U.S., Germany and the U.K.

"Two individuals were identified during the course of the operation who officers believe have made total profits in excess of £200,000 from the site," it said in a statement.

The U.K. law enforcement agency also says it discovered online payments linked to an IP address thought to have been used by the suspects, suggesting they were "heavily involved in the running of the site."

Andrew Shorrock, a NCA Senior Investigating Officer, says the website was "an extremely valuable" apparatus for online criminals.

"We know that weleakinfo.com formed an extremely valuable part of a cyber criminals toolkit," Shorrock said. "This significant criminal website has now been shut down as a result of an international investigation involving law enforcement agencies from five countries."

Copyright 2021 NPR. To see more, visit https://www.npr.org.

Brakkton Booker is a National Desk reporter based in Washington, DC.