Europol has launched an investigation after a well-known black hat hacker has offered to sell classified data allegedly stolen from the law enforcement agency’s systems.
The hacker known as IntelBroker announced on May 10 that he gained access to Europol systems and obtained For Official Use Only (FOUO) and classified data, including employee information, source code, and “recon” and guideline documents. The hacker claimed the data come from several “agencies” within Europol.
However, most of these “agencies” appear to be projects within the Europol Platform for Experts (EPE), a platform where law enforcement experts share knowledge, best practices and crime data.
IntelBroker posted several screenshots to demonstrate his claims, including ones apparently showing access to the EPE platform, as well as emails, a presentation marked ‘confidential’, and a user database sample associated with the EPEs Secure Platform for Accredited Cybercrime Experts (SPACE) site.
On May 11 the hacker updated his initial post, claiming that the data had been sold.
Contacted by SecurityWeek, Europol confirmed that the incident “concerns a Europol Platform for Expert (EPE) closed user group”.
The law enforcement agency said an investigation is being conducted and initial actions have already been taken. The EPE website is down at the time of writing, displaying an ‘under maintenance’ message.
“No operational information is processed on this EPE application,” a Europol spokesperson said. “No core systems of Europol are affected and therefore, no operational data from Europol has been compromised.”
IntelBroker recently claimed to have hacked cybersecurity firm Zscaler and offered to sell access to the company’s systems. Zscaler is conducting an investigation, but so far it has found no evidence that production, customer and corporate environments have been impacted. The company did find a test environment that was exposed to the internet, but did not specifically say whether that system was involved in the breach.
IntelBroker has been offering to sell data allegedly stolen from government organizations and high-profile companies since at least late 2022. While in many cases the data appeared to be valid, some of the hacker’s claims seemed false or exaggerated.
Related: Data of 750 Million Indian Mobile Subscribers Sold on Hacker Forums
Related: Hacker Forum Credentials Found on 120,000 PCs Infected With Info-Stealer Malware
Related: List Containing Millions of Credentials Distributed on Hacking Forum, but Passwords Old