IntelBroker Nabs Europol Info; Agency Investigating

A well-known hacking outfit called "IntelBroker" has put up for sale what it claims to be Europol data stolen earlier this month. The international law enforcement agency has confirmed that it's investigating the incident.

The data was advertised on the BreachForums Dark Web marketplace on Friday, and it was marked as sold the same day. The tranche purportedly includes internal emails, employee resume data, and various internal classified documents.

The posting reads, "In May 2024 Europol suffered a data breach and lead to the exposure of FOUO [for official use only] and classified data,” according to a screenshot from "Cryptonator1337" on X. “Compromised data: Alliance employees, FOUO source code, PDFs, documents for recon and guidelines.”

According to a Europol media statement, the main target of the theft is the Europol Platform for Experts (EPE), a data-sharing portal used by law enforcement to swap best practices and tips for making their jobs easier and more effective. EPE's website has been down since Friday.

"Europol is aware of the incident and is assessing the situation," according to the statement. "Initial actions have already been taken."

It added, "No operational information is processed on this EPE application. No core systems of Europol are affected and therefore, no operational data from Europol has been compromised."

IntelBroker, which provided a data sample in its underground forum ad that appeared to contain sensitive employee information, claimed that the data trove also includes info heisted from the European Cybercrime Centre (EC3), the Partnership on Climate Change and Sustainable Energy (CCSE), the Law Enforcement Forum, and Sirius, which is a platform for cross-border data-sharing. However, Europol has not confirmed this wider claim.  

This is not the first data security incident for Europol. In March, it came to light that physical intruders broke into a secure storage room within Europol's HQ in The Hague, making off with several files containing personal information of top law enforcement executives.

For more information on dealing with data breaches and what they mean for your organizations, don't miss "Anatomy of a Data Breach: What to Do if It Happens to You," a free Dark Reading virtual event scheduled for June 20.