FBI is probing ‘suspicious’ breach into bureau networks

STR/NurPhoto via Getty Images

Featured eBooks
Health Tech
Read Now

CDM

Read Now

Future-Ready Workforce

Read Now
Insights & Reports
Transforming Vulnerability and Exposure Management for a US State Agency
Presented By Nucleus
Download Now
From Ambition to Action: Modernizing Federal Healthcare IT
Presented By Google Public Sector
Download Now
David DiMolfetta By David DiMolfetta,
Cybersecurity Reporter, Nextgov/FCW

By David DiMolfetta

|

Initial reporting tied the incident to the FBI’s wiretap systems, which are used to lawfully surveil suspected criminals and spies.

The FBI is investigating a possible cyber breach into bureau networks, the agency confirmed to Nextgov/FCW.

“The FBI identified and addressed suspicious activities on FBI networks, and we have leveraged all technical capabilities to respond,” the bureau said Thursday. The statement did not elaborate further.

CNN first reported the incident and said the breach concerned a network used to facilitate and manage court-ordered wiretapping requests, citing a person familiar with an investigation into the matter. Nextgov/FCW could not independently confirm the matter was linked to wiretap systems.

Wiretaps are a common law enforcement technique used to lawfully intercept communications data on domestic targets. To obtain data, FBI analysts are typically required to obtain a warrant from a judge, allowing them to compel communications providers to hand over call, text or email data tied to a target. Specialized court orders can also allow for real-time surveillance of phone calls.

The FBI is also a heavy user of a communications intercept law housed in Section 702 of the Foreign Intelligence Surveillance Act, which lets certain agencies target overseas foreigners’ communications without a warrant. 

Telecom providers’ “lawful intercept” wiretapping systems were ensnared in a sweeping Chinese hack uncovered in 2024. The hackers, tied to a group called Salt Typhoon, leveraged the intrusions to target communications of high profile political officials including President Donald Trump and Vice President JD Vance.

Foreign adversaries may, at any point in time, be targeting U.S. government systems. Wiretap contents are especially high-value intelligence targets because they could reveal sensitive information about what officials are thinking or planning.

It’s not clear if Salt Typhoon or another collective tied to foreign hackers was involved in the incident. Salt Typhoon is likely holding onto pilfered data “in perpetuity” for future theft and cyber exploitation, a top FBI official said last month.

The FBI has lost many of its staff in the last year amid a mix of firings and other mechanisms used by the second Trump administration to curtail the size of the federal workforce. That turnover has threatened the bureau’s national security resources, experts argue.

NEXT STORY: Iran-linked hacktivists could target governments, experts warn