© 2024 Texas Public Radio
Real. Reliable. Texas Public Radio.
Play Live Radio
Next Up:
0:00
0:00
0:00 0:00
Available On Air Stations

Hackers sent spam emails from FBI accounts, agency confirms

The FBI acknowledges that fake emails came from FBI email addresses.
Mandel Ngan
/
AFP via Getty Images
The FBI acknowledges that fake emails came from FBI email addresses.

Updated November 14, 2021 at 2:13 PM ET

The Federal Bureau of Investigation is acknowledging that hackers compromised its email servers and sent spam messages. But the bureau says hackers were unable to access any personal identifiable information or other data on its network.

The fake emails appeared to be from a legitimate FBI email address ending in @ic.fbi.gov, the FBI said in a statement on Saturday. The hardware impacted by the incident "was taken offline quickly upon discovery of the issue," the FBI said.

In an update issued on Sunday, the bureau said that a "software misconfiguration" allowed an actor to leverage an FBI system known as the Law Enforcement Enterprise Portal, or LEEP, to send the fake emails. The system is ordinarily used to by the agency to communicate with state and local law enforcement partners.

"No actor was able to access or compromise any data or PII [personal identifiable information] on the FBI's network," the bureau said. "Once we learned of the incident, we quickly remediated the software vulnerability, warned partners to disregard the fake emails, and confirmed the integrity of our networks."

The spam emails went to 100,000 people, according to NBC News, and warned recipients of a cyberattack on their systems. The FBI and Department of Homeland Security routinely send legitimate emails to companies and others to warn them about cyber threats. This is the first known instance of hackers using that same system to send spam messages to a large group of people, NBC reports.

The Spamhaus Project, a threat-tracking organization, posted on Twitter what it said was a copy of one such email. It showed a subject line of "Urgent: Threat actor in systems" and appeared to end with a sign-off from the Department of Homeland Security.

Both the FBI and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency are aware of the incident, the FBI said Saturday.

Copyright 2021 NPR. To see more, visit https://www.npr.org.

Catherine Whelan