A wave of emails was sent from an email address associated with the FBI’s Law Enforcement Enterprise Portal (LEEP) that included a cyberattack warning.

It turns out that, while the email address used was legitimate, the content was part of a spam campaign.

But how did the malicious actors gain access to an FBI email address? Were the FBI’s email servers hacked? Let us highlight more details on that.

FBI Email Address Used for a Spam Campaign

According to a report by BleepingComputer, researchers at the Spamhaus Project noticed a spam campaign in which messages originated from a genuine email address (eims@ic.fbi.gov).

The email address belongs to the FBI's Law Enforcement Enterprise Portal (LEEP). The subject of the email told recipients that a known attacker had hacked their infrastructure. The content of the email explained that it was a sophisticated chain attack, and that the FBI could not intervene because the hacker was working in cooperation with the National Cybersecurity and Communications Integration Center (NCCIC).

Fortunately, the email did not distribute anything malicious. However, the content of the email tried to defame a cybersecurity researcher (Vinny Troia) with fake claims of hacking and potentially damaging the infrastructure.

The FBI’s statement in BleepingComputer's report further explains that a software misconfiguration let the attacker access the FBI’s LEEP email and send the emails.

The FBI also clarified that the incident was isolated because the attacker did not access the FBI’s corporate network. So, no data was extracted in the process.

In fact, the email address that was hacked was originally used by the FBI to push notifications to state and local law enforcement. Hence, it did not deal with any sensitive data at the time it was accessed.

Do Not Take Immediate Action for Any Email Received

Considering this can happen to any organization and email address, it is always good to stay cautious and re-evaluate the content of an email, even if it seems to have originated from a trusted email address.

You should never panic and take the action suggested in an email. Until you have verified the situation, proceed with caution.