The FBI has been investigating and attempting to contain a detrimental cyber incident on a segment of its computer network in recent days.

In November 2021, someone used a real email address that the FBI uses to communicate with state and local law enforcement to send false emails to thousands of businesses about a potential cyber threat.

As soon as the FBI was made aware of the occurrence, they remediated the software vulnerability, cautioned partners to disregard the false emails, and validated the integrity of their networks.

The FBI stated at the time that it had patched a software vulnerability relating to the incident, although it has yet to designate a suspect publicly.

FBI addresses the issue

The FBI says:

« The FBI is aware of a software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal (LEEP) to send fake emails. LEEP is FBI IT infrastructure used to communicate with our state and local law enforcement partners. While the illegitimate email originated from an FBI operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI’s corporate email service. No actor was able to access or compromise any data or PII on the FBI’s network. »

FBI authorities have sought to isolate the hostile cyber activity, which two individuals said involves the FBI’s New York Field Office, one of the bureau’s largest and most visible outposts.

According to one insider, the hacking event is still being probed.