Powered by MOMENTUM MEDIA
cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Europol data breach claimed by IntelBroker

The European Union Agency for Law Enforcement Cooperation (Europol) has suffered an alleged data breach after a notorious threat actor claimed to have exfiltrated data from its systems.

user icon Daniel Croft
Mon, 13 May 2024
Europol data breach claimed by IntelBroker
expand image

Infamous data leaker IntelBroker posted on the even more infamous BreachForums hacking forum, saying that Europol suffered a data breach this month.

“In May 2024, Europol suffered a data breach and lead to the exposure of FOUO [For Official Use Only] and classified data,” said IntelBroker.

“Compromised data: Alliance employees, FOUO source code, PDFs, Documents for recon and guidelines.”

============
============

According to IntelBroker, the Europol agencies that were breached include the CCSE, Cryptocurrencies - EC3, Space - EC3, Europol Platform for Experts, Law Enforcement Form and SIRIUS.

According to VenariX, as seen by Cyber Daily, data could also include personal information such as names, email addresses, and confidential business data.

A sample posted by IntelBroker verifies this and names a number of individuals from different agencies, including the Slovenian Police, Switzerland Law Enforcement and the Austrian Police.

Responding to IntelBroker’s post, Europol released a statement confirming that it was aware of the claims and that it was investigating the incident.

“Europol is aware of the incident and is assessing the situation. Initial actions have already been taken. The incident concerns a Europol Platform for Expert (EPE) closed user group,” Europol said in a statement seen by BleepingComputer.

“No operational information is processed on this EPE application. No core systems of Europol are affected and therefore, no operational data from Europol has been compromised.”

This is the second high-profile breach of late from IntelBroker, which recently claimed to have data belonging to Zscaler.

The cyber security company was forced to take one of its systems offline following the news that data had been allegedly stolen and was being sold online for US$20,000.

“There is an ongoing investigation we initiated immediately after learning about the claims. We take every potential threat and claim very seriously and will continue our rigorous investigation,” the company wrote, despite initially dismissing the claims.

As part of the investigation, Zscaler said it discovered an “isolated test environment on a single server (without any customer data) which was exposed to the internet”, which was promptly taken down.

“The test environment was not hosted on Zscaler infrastructure and had no connectivity to Zscaler’s environments,” it said.

The company added that it was able to confirm that its customer, production and corporate environments suffered no impact as a result of the incident. The next day, it also engaged a “reputable incident response firm”.

Additionally, as reported by CSO Online, a Zscaler employee also said the claims of the attack were “completely inaccurate and unfounded”.

“We regularly see attempted attacks and rumours circulating, but it is crucial to rely only on official communications from Zscaler itself to get factual updates and information,” the employee said.

That being said, a number of users on X claim that the breach is confirmed, including @DarkWebInformer, who has a reputation for sharing information on breaches.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.