FBI Admits Fake Emails Were Sent From Its Servers, Claims Agency’s Network Was Not Hacked
18:38 GMT 14.11.2021 (Updated: 19:41 GMT 14.11.2021)
The FBI earlier confirmed on Saturday that the agency was aware of a hacking incident involving fake emails from an @ic.fbi.gov email account. At the time, it was reported that an email blast sent out to recipients had included a message warning of a "sophisticated chain attack."
The Federal Bureau of Investigation (FBI) acknowledged on Sunday that fake emails were sent out from its server, but that its network had not been entirely compromised during the internal hiccup.
The weekend statement explained that the emails were dispatched from its Law Enforcement Enterprise Portal (LEEP), which is generally used to solely communicate with state and local law enforcement officials.
"While the illegitimate email originated from an FBI operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI’s corporate email service," reads the release. "No actor was able to access or compromise any data or [personal identifiable information] on the FBI’s network."
The release further indicated that once officials were made aware of the situation, investigators "quickly remediated the software vulnerability, warned partners to disregard the fake emails, and confirmed the integrity of our networks."
The Sunday statement was issued hours after the agency had initially acknowledged that a hack had taken place once Spamhaus Project, one of the largest anti-spam groups, reported on the development.
Spamhaus had earlier indicated that no malware was attached to the tens of thousands of emails that had been sent out from the FBI server.