Oops! Bangor Police Accidentally Sends Passwords to Social Media and Anonymous Tip Site to Media List

The Bangor Police Department found itself in an awkward situation on Monday after a serious email mishap. Sgt. Jason McAmbley, the former Public Information Officer, accidentally sent out a list of sensitive passwords to the department’s entire media contact list. Instead of forwarding the info to the new public information officer, Sgt. Jeremy Brock, McAmbley mistakenly hit reply all, sharing log-in details for several official accounts including Instagram, X, and other critical resources. This embarrassing blunder included passwords for the department’s social media platforms as well as access credentials for LexisNexis, a data analysis service, and Tip411. Tip411 is particularly sensitive as it’s used by the police to receive anonymous tips and send emergency alerts to the public. Alongside the passwords, McAmbley also attached a three-page PDF guide that detailed how the new information officer should navigate LexisNexis, handle Freedom of Access Act requests, and communicate with the media list. Normally, the media list is reserved for press releases about police activities, such as arrests or community updates, so the accidental leak raised immediate concerns about security and privacy. When questioned, McAmbley told the Bangor Daily News that the mistake happened because he was transitioning back to patrol duties and was trying to hand over responsibilities. He confirmed that all passwords would be changed promptly to prevent any unauthorized access. Shortly after the error was discovered, McAmbley sent a follow-up email introducing Sgt. Jeremy Brock as the new public information officer. He made sure to mention that Brock would now be the point of contact for all media inquiries starting November 19th. McAmbley humorously noted that, just like he accidentally copied everyone in the earlier email, he did so again to officially introduce his replacement. The incident has drawn attention not only for the lapse in operational security but also because it highlights how critical proper communication protocols are within police departments. Media outlets who received the email, including The Maine Wire, the Bangor Daily News, the Portland Press Herald, and Maine Public, now have potentially sensitive access details that could be exploited if not handled responsibly. The department’s quick response in changing passwords and clarifying the transition of duties seems aimed at mitigating any fallout from the mistake. Reporter Seamus Othot from The Maine Wire, who covers regional affairs, commented on the unusual nature of the blunder, emphasizing that while mistakes happen, sharing passwords publicly is a rare and risky slip-up for any law enforcement agency. This event serves as a reminder for departments everywhere to review their internal communication practices and cybersecurity measures to avoid similar incidents in the future.