Cyber Incident Victim: FBI National Academy Associates
Date: Apr 2019
Location: United States of America
Summary
A hacker group breached multiple FBI-affiliated websites, exfiltrating personal data from an organization promoting law enforcement leadership and training. The compromised information included approximately 4,000 unique records containing names, government and personal email addresses, job titles, phone numbers, and physical addresses of federal agents and officers. Attackers exploited vulnerabilities to download server contents from three association sites, later claiming broader compromises of more than 1,000 domains with intent to monetize stolen data. Evidence suggested additional breaches affecting corporate entities, including employee records from a manufacturing firm's webmail system. The victim organization confirmed collaboration with federal authorities to investigate the incident, while the hackers emphasized financial motivation and exposure objectives.
Description
On or around April 11, 2019, a hacker group breached multiple websites affiliated with the FBI National Academy Associates (FBINAA), a U.S.-based organization focused on law enforcement leadership development and training. The attackers exploited vulnerabilities in three FBINAA-associated websites to download server contents, exfiltrating sensitive personal data. The compromised datasets contained approximately 4,000 unique records after duplicate removal, exposing names, personal and government email addresses, job titles, phone numbers, and postal addresses of federal agents and law enforcement officers. The breach was discovered when hackers publicly uploaded the stolen data. The FBINAA confirmed the incident and initiated collaboration with federal investigative authorities to assess the damage and identify the perpetrators.

The hackers anonymously communicated with TechCrunch via encrypted chat on April 12, 2019, claiming responsibility for the breach and stating their intent to sell the stolen data. They asserted involvement in compromising over 1,000 websites total, though only the FBINAA breach was substantiated with published evidence. The attackers also provided proof of breaching a Foxconn manufacturing subdomain, exposing Lotus-based webmail systems containing employee records, though no direct connection to the FBINAA incident was established. Their primary motivations were financial gain and public exposure of security flaws. The FBINAA did not disclose specific remediation steps beyond the ongoing federal investigation, nor were technical details about the exploited vulnerabilities or containment measures revealed publicly. The exposure of law enforcement personnel data raised concerns about potential targeting risks but yielded no confirmed reports of misuse at the time of disclosure.
