(Image: supplied)
Homeland Security has served Twitter with a subpoena, demanding the account information of a data breach finder, credited with finding several large caches of exposed and leaking data.
The New Zealand national, whose name isn't known but goes by the handle Flash Gordon[1], revealed the subpoena in a tweet last month[2].
The pseudonymous data breach finder regularly tweets about leaked data, found on exposed and unprotected servers. Last year, he found an trove of almost a million patients' data[3] leaking from a medical telemarketing firm. A recent find included an exposed cache of law enforcement data[4] by ALERRT, a Texas State University-based organization, which trains police and civilians against active shooters. The database, secured in March but reported last week, revealed that several police departments were under-resourced and unable to respond to active shooter situations.
Homeland Security's export control agency, Immigration and Customs Enforcement (ICE), served the subpoena to Twitter on April 24, demanding information about the data breach finder's account.
Twitter informed him of the subpoena, per its policy[5] on disclosing legal processes to its users. A legal effort to challenge the subpoena by a June 20 deadline was unsuccessful.
Attorneys from the Electronic Frontier Foundation provided Flash Gordon legal assistance.
ICE demanded Twitter turn over his screen name, address, phone number -- and any other identifying information about the account, including credit cards on the account. The subpoena also demanded the account's IP address history, member lists, and any complaints filed against the Twitter account.
The subpoena did not demand the account's private messages or any other content, which typically requires a court order or a search warrant.
It's not known why