The FDNY is seeking to build a digital firewall to protect the Big Apple’s thousands of rescue workers from cyberattacks, including “doxxing,” The Post has learned.
The department recently put out a call in the City Record for consultant services “for the development and implementation of protective strategies to address the cyber threat of doxxing and to provide resiliency for the security of personal information.”
Doxxing is the publishing of personal information on the internet with the intent to bully, harass or threaten others.
The sick practice has become increasingly prevalent online. A radical pro-choice group recently doxxed six Supreme Court justices to spur protesters into showing up outside their homes to oppose overturning Roe v. Wade, the landmark ruling legalizing abortion.
An FDNY spokesman said the move to increase cybersecurity wasn’t triggered by a doxxing incident involving one of the city’s Bravest. But the department has enormous databases with the personal information of its 15,000 emergency responders and other workers — as well as retirees and patients it treats responding to 911 calls — that could be vulnerable to cyberattacks.
The search for the consultant is “part of the FDNY’s ongoing cybersecurity preparedness measures to protect the department’s data,” spokesman Frank Dwyer said.
The selected cybersecurity pro would help implement anti-hack software and develop a training program for a workforce that interacts regularly with the public, the note to potential bidders says.
“The service should provide real time threat mitigation and recovery capabilities in the event of access to and misappropriation of personally identifiable data during the course of official duties as a member of the FDNY,” reads the note from the department.
One union leader representing FDNY responders said the solicitation to bolster firewall cybersecurity shows the department is behind the times in guarding against data breaches.
“It’s an attempt to protect those who protect others. But it’s shocking that the department doesn’t already have such a plan in place,” said Oren Barzilay, president of Local 2807 representing FDNY/EMS emergency medical technicians, paramedics and fire inspectors. “It’s very alarming.”
Barzilay added: “Hacking or doxxing can happen to anyone. It could put any of us in harm’s way.”
He also noted the danger of patients’ medical records being exposed.
FDNY/EMS responds to 1.5 million 911 emergency calls a year and has millions of patients’ medical records in the department’s data system.
Those records are forwarded to hospitals and health insurers and the federal Medicare/Medicaid system as the FDNY submits reimbursement for administering oxygen, IV fluids and medicine and for transporting patients.
The union leader claimed the FDNY’s pitch for cybersecurity help is part of a larger problem, complaining that the department’s payroll system for EMS workers is antiquated and that he has some members who are owed thousands of dollars because of nightmarish glitches.
Andrew Ansbro, president of the city’s Uniformed Firefighters Association, said the cybersecurity initiative seems like a good-faith attempt by the FDNY to be “proactive” in battling doxxing and data breaches.
The department emphasized that cyberattacks, including doxxing, have been a troubling homeland security challenge for some time.
Doxxing of law-enforcement, meanwhile, increased following the police killing of George Floyd in Minneapolis in 2020, which triggered massive nationwide protests and tense confrontations between demonstrators and cops.
The US Department of Homeland Security reported that high-ranking police officials nationwide — including members of the NYPD — had their personal information posted online and warned the doxxing could inspire attacks by “violent opportunists or domestic violent extremists” or hinder law-enforcement officials as they try to manage demonstrations.