Cyber Incident Victim: Federal Bureau of Investigation
Date: Feb 2023
Location: United States of America
Summary
The U.S. Federal Bureau of Investigation investigated malicious cyber activity within its network, characterizing the event as an isolated incident that was successfully contained. The agency worked to assess the scope and impact amid reports linking the breach to a New York Field Office system dedicated to child sexual exploitation investigations. This followed a prior unrelated email server compromise where threat actors leveraged misconfigured infrastructure to distribute phishing messages impersonating FBI communications, though no sensitive data or internal systems were accessed during that earlier breach.
Description
On February 17, 2023, the U.S. Federal Bureau of Investigation (FBI) confirmed it was investigating malicious cyber activity detected within its network. The agency characterized the event as an "isolated incident" that had already been contained, though it declined to provide specifics regarding the intrusion vector or duration of unauthorized access. CNN reported the breach involved a computer system operated by the FBI’s New York Field Office, specifically one dedicated to investigating cases of child sexual exploitation. The FBI stated it was working to assess the scope and impact of the incident but offered no indication that data exfiltration or broader network compromise occurred beyond the affected system. As part of its response, the agency restricted public commentary, citing the ongoing nature of the investigation.

This incident followed a separate November 2021 cybersecurity event involving FBI infrastructure. In that case, threat actors exploited a software misconfiguration in the Law Enforcement Enterprise Portal (LEEP)—a system used to communicate with state and local law enforcement partners—to send fraudulent emails. The attackers distributed tens of thousands of spam messages from a legitimate FBI email address ([email protected]), impersonating official warnings about a "sophisticated chain attack." Spam-tracking organization Spamhaus estimated at least 100,000 mailboxes received these messages, though actual numbers were potentially higher. The FBI clarified the compromised server was solely used for LEEP notifications and not connected to its corporate email service or internal data stores, asserting no sensitive information or personally identifiable information (PII) was accessed. Both incidents underscored vulnerabilities in FBI-affiliated systems, though the agency maintained operational continuity and downplayed risks to core investigative functions or partner agencies in its public statements.
