FBI Server Sent Fake Emails, Goes Offline, No Data Impacted

Share post:

The FBI blamed a misconfiguration in its Law Enforcement Enterprise Portal (LEEP) for a technical mishap that allowed emails to be sent from the ic.fbi.gov domain.

“LEEP is FBI IT infrastructure used to communicate with our state and local law enforcement partners,” the FBI said.

The bureau also assured that no data was affected during the technical glitch.

“While the illegitimate email originated from an FBI operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI’s corporate email service. No actor was able to access or compromise any data or PII on the FBI’s network.”

The FBI quickly took the “impacted hardware” offline, and fixed the “software vulnerability” before finally confirming the network integrity.

Brain Krebs reported that the sender of the e-mails was able to do so because the FBI generated a client-side unique code to log into a brand new account on LEEP, and it was sent to the FBI servers as a POST request along with an e-mail subject and e-mail address. Manipulation of the request parameters led to the e-mails being sent, and a script was used to automate the sending.

For more information, you may view the original story from ZDnet.

SUBSCRIBE NOW

Related articles

Federal Reserve targeted by ransomware gang: Claims of 33TB data theft

The Federal Reserve, the central banking system of the United States, is reportedly in negotiations with the ransomware...

Department of Homeland Security starts its “AI Corps”

The Department of Homeland Security (DHS) has announced the first 10 hires for its newly established AI Corps,...

Apple will not release new AI features in Europe

Apple has announced that three significant features in iOS 18 and macOS Sequoia won't be available to European...

Big tech firms and US government join together for first AI attack simulation

Federal officials, AI model operators, and cybersecurity companies conducted the first joint simulation of a cyberattack involving a...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways