Millions of ‘anonymous’ crime tips exposed in massive Crime Stoppers hack: Exclusive
A California resident had an urgent message for the police. A family tied to Mexico’s notorious Sinaloa drug cartel was trafficking hundreds of pounds of marijuana at a time, and the tipster knew how the police could apprehend these “highly violent” people who “always carry weapons.”
Equally urgent to the tipster: secrecy.
“Please, this must remain anonymous,” the tipster wrote, “so if captured, do not say it was from a tip cause they would know where it came from.”
That tip, however, is one of millions exposed by hackers who stole data from the cloud-based tip and intelligence management company P3 Global Intel. The Texas-based company enables the public to share crime tips — anonymously, it says — with thousands of clients, including Crime Stoppers programs, local and federal law enforcement agencies, public schools and the U.S. military. (P3 says its name stands for “public, police and private sector.”)
The leak contains extensive personal data on people accused by tipsters: names, email addresses, dates of birth, phone numbers, home addresses, license plate numbers, Social Security numbers and criminal histories.
Although P3 says in sales material for clients that “each tipster’s identity will remain anonymous at all times,” personal information from those who shared it is also present throughout the leak.
Exposure of P3’s data would pose serious risks in the hands of anyone with malicious intent, said Mailyn Fidler, an assistant professor at the University of New Hampshire Franklin School of Law who studies cybersecurity and cybercrime law.
“Those risks include severe harm and even death to police informants,” Fidler told Straight Arrow News. “Given P3’s clients, it also includes risks to national security. If what the hackers report about P3’s security practices are true, they engaged in substantially subpar security practices, especially given the sensitivity of the information they handle.”
For now, there’s no indication that the hackers plan to make the data accessible to the public. P3’s parent company, Navigate360, did not respond to multiple emails and phone calls from SAN.
On its website, the company says: “We understand the need for both security and privacy compliance among our products and solutions. Accessibility and security require us to ensure we always comply with various laws and frameworks.”
‘Don’t do dirty work for the pigs’
Straight Arrow News and the nonprofit leak archiver DDoSecrets obtained more than 8.3 million highly sensitive records of P3’s from a hacker group that calls itself “THE INTERNET YIFF MACHINE.” The records span from February 1987 to November 2025. In addition to the tips, the breach of P3’s servers also revealed user account details and customer support requests.
In a note included alongside the data cache, the hacker group repeatedly cited animus toward law enforcement as motivation for exposing the crime tips.
“Remember folks, don’t do the dirty work for the pigs,” the hackers wrote. “Investigating crime is their job, not yours. They don’t care about you, they want convictions and prisoners to fuel the for-profit prisons.”
The note goes on to outline numerous vulnerabilities that the hackers say contradict P3’s assurances about its security. The note specifically mentions a statement from P3’s parent company saying its tools “have never been breached or compromised in any manner over the past 20 years.”
“They claim to have never had a breach,” the hacking group wrote. “Let’s change that.”
The hackers also exposed an internal page for P3’s customers — marked confidential — that reveals how the company’s clients can track tipsters without their knowledge.
The page details an opt-in feature titled “Session Information Disclosure” that allows P3 customers to request their tipsters’ IP addresses. The hackers showed a screenshot of the page to SAN.
The page says the feature is designed to address potential misuse or abuse of its system by tipsters: “P3 is capable of capturing session information from web & mobile top submissions. By default, this is disabled on all accounts. When tracking is enabled, the values are stored for a period of up to 90 days — and can be made available to you upon formal request in the event of serious misuse or abuse of our system … such as first person threats against life or property.”
It’s unclear, however, what guardrails are in place to keep P3’s customers from abusing the feature to uncover the identities of anonymous tipsters. For instance, a police officer accused of misconduct by a tipster might obtain the person’s IP address and other identifying information—even though tipsters are told that their “anonymity is protected at all times.”
‘BlueLeaks 2.0’
When one of P3’s clients receives a tip — whether over the phone, online or through its smartphone app — users are sent a unique ID number and password that can be used to check the status of their submission. Given that those messages do not appear to have been stored in an encrypted format, which would protect them in the event of a data breach, SAN was able to locate IDs and passwords in plain text.
The hackers also exposed chat logs between those sending and receiving tips. Some messages detail rewards given out to those whose tips resulted in arrests. Those tipsters are given instructions on how to collect their reward, which can come in the form of cash in an envelope from local police departments and banks.
DDoSecrets has dubbed the data cache “BlueLeaks 2.0.” The name is derived from the leak archiver’s publication in 2020 of 269 gigabytes worth of law enforcement data. The documents in the original BlueLeaks files, which included intelligence bulletins and emails, were provided to DDoSecrets after the hacker collective “Anonymous” breached a company that worked with Fusion Centers and law enforcement. Fusion Centers, many of which now have contracts with P3, are state-owned and operated collaborative hubs that collect, analyze and distribute information among federal, state and local law enforcement agencies.
“For years, we’ve warned about the problems with Fusion Centers and with privatizing these systems: the endless retention (even of submissions that are disregarded), the largely unregulated information sharing, and the failures to actually protect the identities of both alleged victims and perpetrators,” DDoSecrets co-founder Emma Best told SAN.
Given the breadth and significance of the data, DDoSecrets says it will grant select researchers and media outlets access to conduct additional reporting.
Anonymity not guaranteed
The leak reveals the scope of P3’s work for thousands of local law enforcement agencies as well as the federal government.
Four federal departments — Defense, Homeland Security, Justice and the Interior — paid P3’s parent company almost $1.3 million between 2020 and 2025, according to the government contracting website USASpending.gov.
Although sub-agencies like Immigration and Customs Enforcement and the Secret Service do not appear to rely on P3’s tip software, the data shows that representatives of both agencies have accounts. Other government entities with user accounts include the Internal Revenue Service and the Department of Agriculture.
The leaked data includes a 2023 Situational Awareness Bulletin that details an investigation by the Secret Service into an Arizona man described as experiencing “mental health delusions.” The man — whose name, description, license plate number, home address and phone number are listed in the bulletin — is reported to have sent letters to churches in Arizona and California detailing his desire to kill President Donald Trump.
While under court-ordered treatment, the bulletin states, the man was interviewed by the Secret Service. Following the interview, the man is said to have “increased his writing campaign by flooding several police agencies throughout the state with letters, indicating additional threats” to Trump, who was then out of office.
The police in Arizona, who say they maintained contact with the man’s parents “in an attempt to mitigate his activity,” ended the bulletin by calling on any other departments receiving threatening letters to forward copies to their detectives as well as the Secret Service. It remains unclear if the case against the man ever resulted in criminal charges.
The military appears to be the largest federal user of P3’s services.
In a tip from 2020, a woman enlisting in the Army used P3 to report to the military branch’s Criminal Investigation Division that she’d been sexually assaulted by a recruiter. The woman, who asked for anonymity over fears that she’d be labeled by the military as “someone who complains,” named the man before accusing him of touching her breast and offering her a prominent job in exchange for oral sex.
“I yelled at him and told him NO thank you and do not touch me and he smacked me on my ass and said he could take me by force and that there was nothing I could do,” she wrote. “I at that point pulled out some pepper spray I had in my purse and he backed off and said he was just joking and that if I wanted to make it in the army I needed to be cool like one of the guys.”
The woman went on to disclose the embarrassment and worry she felt over reporting the incident. She ultimately decided to come forward because she feared the recruiter would assault more people.
Yet despite her belief that an anonymous tip would be enough to spur an investigation, the woman was told that she’d have to provide details about herself to move forward.
“I understand your desire to remain anonymous; however, without additional identifying information it will be nearly impossible for us to investigate the allegations,” a military official responded. “If you would like to provide additional information please advise how you would like to coordinate with my office.”
SAN reached out to multiple people in the data who submitted tips and spoke with a man who filed a report in 2023 with police in California. The man, an Open Source Intelligence (OSINT) analyst and instructor who uses the handle OSINT Tactical on social media, confirmed to SAN that he’d submitted a tip about a man who’d been viewing child sexual abuse material online.
In the tip, OSINT Tactical says he came across the man’s activity in an infostealer log, a collection of sensitive data extracted from devices compromised by malware. OSINT Tactical, who provides OSINT training to military, law enforcement and the private sector, listed websites the man reportedly visited as well as what he believed to be his name, email addresses, phone number, home address and IP address.
“I have sent quite a few tips in the recent years, probably over 100,” the tipster told SAN.
The software has also been adopted by more than 30,000 schools and U.S. nonprofits, such as Sandy Hook Promise, an organization focusing on gun violence prevention programs. Many school-related messages viewed by SAN involved highly sensitive matters, such as self-harm, suicide and threats of violence, and the leak exposed personal data that P3 collected.
In a message sent in 2022 to Safe2SayPA.org, a P3-powered website that allows students and educators in Pennsylvania to submit anonymous tips, a parent reported that their seventh-grade student had expressed fears about a classmate who “had been fixating” on firearms, grenades and self-harm.
An internal note in the report states that local police completed a wellness check on the student sometime later, which resulted in a trip to the hospital for a mental evaluation. The student, the note adds, had been the victim of “ongoing bullying” that included taunts that referred to him as “the school shooter.”
The note continues by stating the student’s foster parents kept firearms in the home, but they were “locked away by the dad.” The student was ultimately pulled from his middle school but not publicly identified.
In the leaked P3 data, his full name appears throughout the report.
Ella Rae Greene, Editor In Chief
