(DailyDig.com) – The FBI works with and stores sensitive information on millions of people from both the US and beyond. It’s only reasonable to assume an intelligence agency, which quite literally specializes in preventing crime, would take precautions to ensure criminals never had access to that data. Yet, the agency still suffered the effects of a cyber attack recently.
An FBI statement released on November 14 indicated the department was fully aware of the attack but didn’t clarify when they discovered it. A software misconfiguration gave hackers access to the Law Enforcement Enterprise Portal (LEEP), allowing them to send fake emails from agency servers.
LEEP enables the bureau to communicate with local and state authorities.
The FBI is assuring the public that LEEP is typically used to send push notifications. It says the server accessed operates independently of corporate servers; hackers allegedly did not obtain any data containing personal information. The bureau took the affected hardware offline upon discovering the fake email sends.
The FBI has acknowledged illegitimate emails were sent from an official FBI email account Saturday morning before the agency took the hardware offline. The email was potentially sent to thousands, according to a report. https://t.co/mJgUU1XOAS
— Breitbart News (@BreitbartNews) November 14, 2021
According to the Spamhaus Project’s international nonprofit, which tracks cyber threats and spam, at least 100,000 accounts received the fake emails. Austin Berglas, former Assistant Special Agent for the FBI’s New York Cyber Branch, believes the outcome could’ve been much worse, noting that cybercriminals could easily weaponize a trusted government email. Thankfully, that didn’t happen.
The FBI continues to investigate the breach. They’re urging anyone who suspects they may have been affected to report suspicious activity to Ic3.gov or Cisa.gov.
Copyright 2021, DailyDig.com