FBI Investigates Suspicious Breach of Networks Containing Sensitive Investigation Data

The Federal Bureau of Investigation (FBI) is investigating a suspicious breach of its networks that contain information related to ongoing investigations. According to multiple reports, the cybersecurity incident involved a network used for wiretaps and foreign intelligence surveillance warrants.

On Thursday, the FBI confirmed it had identified and addressed 'suspicious activities' on its networks but declined to provide further details about who might be behind the breach or what data may have been accessed. The bureau alerted Congress this week, stating that the incident involved abnormal log information detected in mid-February.

The notice to Congress revealed that the breach included efforts at leveraging a commercial Internet Service Provider (ISP) vendor's infrastructure to access the FBI's networks. The affected system is unclassified but contains law enforcement-sensitive information, including returns from legal processes such as pen registers and trap-and-trace surveillance returns, as well as personally identifiable information related to subjects of FBI investigations.

The White House, FBI, National Security Agency (NSA), and Cybersecurity and Infrastructure Security Agency (CISA) are all involved in investigating the breach. The incident has been compared to the 2024 Salt Typhoon breach, which accessed communications records for millions of people in the United States.

There have been reports suggesting that China may be behind this latest breach; however, these claims remain unconfirmed as requests for comment from UPI went unanswered by publication time. The FBI has emphasized its ongoing remediation efforts and noted that the scope and impact of the incident are yet to be determined.