FBI Gets Hacked—Cyberattack Sends Threatening Emails to Over 100,000 People

The email servers of the Federal Bureau of Investigation were hacked on Friday night.

QUICK FACTS:
  • The Federal Bureau of Investigation confirmed Saturday that one of its email servers had been hacked, according to Forbes.
  • The hack resulted in spam emails being sent to the public that appeared to be from the agency and the Department of Homeland Security (DHS).
  • The hackers gained access to the FBI’s email system and used it to send threatening spam emails to over 100,000 people.
  • Forbes reports that the FBI and the Cybersecurity and Infrastructure Security Agency told NBC News in a statement that they were aware of the incident and “encourage the public to be cautious of unknown senders” and to report suspicious activity to them.
  • The hack was discovered by the Spamhaus Project, a cybersecurity watchdog group.
NBC NEWS REPORTS:

The recipients of the emails appear to be the publicly listed administrators of websites listed on the American Registry for Internet Numbers, Grosjean said.

In an updated statement on Sunday, an FBI spokesperson said the hacker had found and exploited a flaw in how an agency messaging system is configured, and that they weren’t able to access FBI files.

“The FBI is aware of a software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal (LEEP) to send fake emails. LEEP is FBI IT infrastructure used to communicate with our state and local law enforcement partners,” the emailed statement said.

“No actor was able to access or compromise any data or PII [personally identifiable information] on FBI’s network,” it said.