The revelation of the seriousness of the threats comes amid Republican opposition to forming a 9/11-style commission to investigate the January attack. Photograph: Jim Urquhart/Reuters

Jason Wilson

Washington’s Metropolitan police department recorded threats to lawmakers and public facilities in the wake of the 6 January attack on the Capitol, according to documents made public in a ransomware hack on their systems this month.

Trump Hotel raised prices to deter QAnon conspiracists, police files show

Read more

The documents also show how, in the month following the Capitol attack, police stepped up surveillance efforts, monitoring hotel bookings, protests in other jurisdictions, and social media for signs of another attack by far-right groups on targets in the capital, including events surrounding the inauguration of Joe Biden as president.

The revelation of the seriousness of the threats comes amid Republican opposition to forming a 9/11-style commission to investigate the January attack, which saw the Capitol roamed by looting mobs hunting for politicians and involved the deaths of five people.

The police documents were stolen and published by the ransomware attack group Babuk, and some were redistributed by the transparency organization Distributed Denial of Secrets, from whom they were obtained by the Guardian. Various outlets last week published stories based on the data showing intelligence indicating that far-right Boogaloo groups planned to attack various targets in the capital.

But another collection of documents labeled “chiefs intelligence briefings” shows a broad, cross-agency effort in the days following the attack on the Capitol to identify suspects, monitor and apprehend far-right actors, and anticipate further attacks on Washington around events like the inauguration of Joe Biden and the second impeachment trial of Donald Trump.

In the aftermath of the riot, the attention of police and other law enforcement agencies was focused on far-right activity on social media platforms, and especially on a group calling itself Patriot Action for America.

One 13 January bulletin said that the group had been “calling for others to join them in ‘storming’ state, local, and federal government courthouses and administrative buildings in the event POTUS is removed as president prior to inauguration day”.

The bulletin also noted that the agency was facing broader challenges in monitoring far-right actors on social media websites, saying that “with the shutdown of Parler it has been a challenge to track down how activities are being planned”, and that they continued to “see more users on Gab and Telegram following the de-platforming of many accounts on more conventional social media companies”.

The bulletin mentions a “possible second suspect” in the placement of pipe bombs near the DNC and RNC, who was “observed on video scouting/taking photographs in advance of the placement”, who “took a metro to the East Falls church stop and took a Lyft from there”.

On 12 January, a bulletin noted that a supreme court agent had noticed “two vehicles stopped beside each other” outside the court building, and that in one an older white male was “videotaping the Capitol fence line and the court”, and in the other a passenger was “hanging out the window in order to videotape the court”.

A 22 January bulletin mentions that in Pennsylvania a man was arrested after “transmitting interstate threats to multiple US senators of the Democratic party”, having stated that he was “going to DC to kill people and wanted to be killed by the police”. When Pennsylvania state police apprehended him “he was in possession of a rifle, two handguns, and a large quantity of ammunition”.

A later bulletin described an incident in which a man with an illegal firearm was arrested after asking for directions to the “Oval Office”, and another man’s van was searched after he was observed sitting in the vehicle while parked outside the supreme court justice Sonya Sotomayor’s house.

The same day’s bulletin mentioned that Metropolitan police were cooperating with Capitol police in investigating “a number of threats aimed at members of Congress as the Senate impeachment trial of Donald Trump nears”.

The threats continued for weeks after the attack.

Almost a month later, a bulletin reported that “an identified militia group member” in Texas was claiming that if their “operation failed at the US Capitol”, there was a “back-up plan” involving the group “detonating bombs at the US Capitol during the State of the Union”.

The group was not named but was described as “a large organization allegedly with members from every state, which included individuals who were former military and law enforcement”.

The documents also reveal how law enforcement agencies secured the cooperation of private companies, from ride-share companies to hotels.

A bulletin includes the claim that “FBI working with Lyft and Uber to identify riders to and from the protest locations”.

The same bulletin carries detailed figures on reservations in hotels across the capital leading up to the inauguration on 20 January, which was secured by an unprecedented mobilization of law enforcement and the national guard.

Two days later, another bulletin said that “MPD’s intelligence division has conducted extensive outreach with security directors of area hotels”, who they asked to be “vigilant for evidence of suspicious activity and firearms possession by hotel guests”.

The Guardian, Sun 23 May 2021 10.00 BST

Threats to lawmakers and public facilities are recorded by police after Capitol attack

Image Ownership Reuters