Europol, the European Union's law enforcement agency, confirmed that its Europol Platform for Experts portal was breached and is now investigating the incident after a threat actor claimed they stole For Official Use Only documents containing classified data.
BleepingComputer also asked when the breach occurred and whether it is true FOUO and classified documents were stolen as claimed by the threat actor, but a response was not immediately available.
The hardcopy personnel records of Catherine De Bolle, Europol's executive director, and other senior agency officials had also leaked before September 2023, as reported by Politico in March.
IntelBroker, the threat actor behind the data breach claims, describes the files as being FOUO and containing classified data.
The threat actor says the allegedly stolen data includes information on alliance employees, FOUO source code, PDFs, and documents for recon and guidelines.
Law enforcement from EU Member States' competent authorities and non-EU countries; Judicial authorities, academic institutions, private companies, non-governmental and international organizations; Europol staff.
IntelBroker also says they compromised the SIRIUS platform used by judicial and law enforcement authorities from 47 countries, including EU member states, the United Kingdom, countries with a cooperation agreement with Eurojust, and the European Public Prosecutor's Office.
Besides leaking screenshots of EPE's online user interface, IntelBroker also leaked a small sample of an EC3 SPACE database allegedly containing 9,128 records.
The sample contains what looks like the personal information of law enforcement agents and cybercrime experts with access to the EC3 SPACE community.
Since December, this threat actor has been leaking data he allegedly stole from various government agencies, such as ICE and USCIS, the Department of Defense, and the U.S. Army.
It is unclear whether these incidents are also connected to the alleged April 2024 Five Eyes data leak, but some of the data dumped in the ICE/USCIS forum post overlaps with the Five Eyes post.
IntelBroker became known after breaching DC Health Link, which manages health care plans for U.S. House members, staff, and families.
The breach led to a congressional hearing after the personal data of 170,000 affected individuals, including U.S. House of Representatives members and staff, was exposed.
Earlier this week, IntelBroker also started selling access information to the network of cloud security company Zscaler.
Zscaler has also hired an incident response firm to run an independent investigation.
US State Department investigates alleged theft of government data.
The Post Millennial hack leaked data impacting 26 million people.
DocGo discloses cyberattack after hackers steal patient health data.
United Nations agency investigates ransomware attack, data theft.
Chipmaker Nexperia confirms breach after ransomware gang leaks data.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Sat, 11 May 2024 12:40:28 +0000