Europol Reports Breach of Expert Platform and Data Leak

By Riley ThompsonTechnology News

Europol Reports Breach of Expert Platform

Europol has announced that its Europol Platform for Experts (EPE) web portal was hacked. Law enforcement authorities are currently investigating the incident, as hackers have claimed to have stolen “For Official Use Only” (FOUO) documents containing sensitive information.

The EPE is an online platform used by law enforcement experts to “share knowledge, best practices, and non-personalized crime data.” Europol representatives emphasized that the incident affected only the EPE, stating, “No operational information is processed on EPE, Europol’s core systems were not affected, and no operational data was compromised.”

Currently, the EPE portal is offline, with a message on the site stating that the service is unavailable due to technical maintenance.

Details of the Breach and Hacker Claims

A hacker known as IntelBroker has claimed responsibility for the Europol breach, asserting that they stole FOUO files and documents containing classified data. According to IntelBroker, the stolen information includes details about Europol employees, source code, PDF files, intelligence documents, and instructions, all of which have been put up for sale.

IntelBroker also claims to have gained access to EC3 SPACE (Secure Platform for Accredited Cybercrime Experts), a community on the EPE portal that hosts hundreds of cybercrime-related materials used by over 6,000 experts worldwide. These users include:

  • Law enforcement and authorized agencies from EU member states and non-EU countries
  • Judicial authorities, educational institutions, private companies, NGOs, and international organizations
  • Europol staff

The hacker further alleges to have compromised the SIRIUS platform, which is used by judicial and law enforcement agencies from 47 countries (including EU countries, the UK, Eurojust partner countries, and the European Public Prosecutor’s Office). SIRIUS provides access to international digital evidence for various criminal investigations and proceedings.

IntelBroker published screenshots of the EPE user interface and leaked a small sample of the EC3 SPACE database containing 9,128 records. The dump appears to include personal information of law enforcement officers and cybersecurity specialists with access to EC3 SPACE.

It is unknown how much IntelBroker is asking for the stolen data. Interested buyers must contact the seller directly, who notes that payment is accepted only in XMR (Monero) and that they will deal “only with verified users.”

Background on IntelBroker’s Activities

Since December of last year, IntelBroker has regularly leaked data allegedly stolen from various U.S. government agencies, including the State Department, Department of Defense, U.S. Army, Immigration and Customs Enforcement (ICE), and U.S. Citizenship and Immigration Services (USCIS).

IntelBroker has also been linked to other high-profile incidents, such as data leaks affecting members and staff of the U.S. House of Representatives, the breach of Hewlett Packard Enterprise (HPE), leaks involving General Electric, the Five Eyes intelligence alliance, and more.

Last week, IntelBroker offered access for sale to the network of Zscaler, a company specializing in cloud security. Zscaler representatives later stated that they had discovered a breach in an “isolated test environment,” which was subsequently taken offline for investigation. The company emphasized that its clients and production environments were not affected by the attack.

Leave a Reply