IntelBroker Hacks Into Europol, Claims to Steal FOUO Documents

IntelBroker, a nefarious hacker, broke into the Europol Platform for Experts (EPE) website.

Hacker claims to have access to data from six agencies associated with EPE, including For Official Use Only (FOUO) documents.

EPE is a platform for law enforcement agencies dedicated to discussing and curbing cybersecurity threats, and breaking into it sends the wrong message.

Table Of Contents

Europol’s Compromised Data Details

The attacker published a lengthy post on the Breach Forum and the Europol’s SIRIUS agency’s image.

The post begins with a welcome message, “Hello BreachForums Community,
Today, I am selling the entire data breach belonging to Europol. Thanks for reading, enjoy!”

Then, the attacker describes the time of the attacks, May 2024, and the stolen data details, including “Alliance Employees, FOUO source code, PDFs, recon documents and guidelines.”

Here’s the list of agencies mentioned in the post:

  • CCSE (Joint Center for European Security)
  • Cryptocurrencies – EC3
  • Space – EC3
  • Europol Expert Platform
  • Law Enforcement Form
  • SIRIUS

IntelBroker demands payment in Monero (XMR) cryptocurrency and asks interested buyers to message him on the forums for a point of contact.

The attacker clarified that he would sell the data to reputed members only.

Europol Confirms The Breach

Bleeping Computer contacted Europol to inquire about the incident. “Europol is aware of the incident and is assessing the situation. Initial actions have already been taken. The incident concerns a Europol Platform for Expert (EPE) closed user group,” Europol replied.

If you try to visit the Europol Platform for Experts website, an “THE APPLICATION IS CURRENTLY UNDER MAINTENANCE” banner greets you.

It doesn’t clarify the reason behind this downtime and only assures that the portal will return soon.

The website wasn’t up while writing this post, meaning Europol is still investigating the extent of the data breach.

The agency said, “no operational information is processed on this EPE application. No core systems of Europol are affected, and therefore, no operational data from Europol has been compromised.”

However, this statement starkly contrasts IntelBroker’s post, which even released a small sample of 9,128 records supposedly belonging to the EC3 SPACE database.

Europol hasn’t issued a public statement about the breach yet.

Once it does that, it will clarify what’s compromised and how the agency intends to stop and penalize the attacker.

spot_img

Read More

Suggested Post