The threat actor IntelBroker announced on the cybercrime forum Breach the hack of the European law enforcement agency Europol.
The hacker said that the compromised data includes FOUO (For Official Use Only) and other classified data, such as Alliance employees, files related to recon and guidelines
IntelBroker added that the security breach occurred in May 2024, he said that impacted agencies are the CCSE (Joint Center for European Security), EC3, the Europol Expert Platform, the Law Enforcement Form, and the SIRIUS system. SIRIUS is an EU-funded project that helps law enforcement and judicial authorities access cross-border electronic evidence in the context of criminal investigations and proceedings.
“Hello BreachForums Community,
Today, I am selling the entire data breach belonging to Europol. Thanks for reading, enjoy!” announced the hacker. “In May 2024, Europol suffered a data breach and lead to the exposure of FOUO and classified data.”
The seller accepts only payments in Monero cryptocurrency.
This week IntelBroker also announced on a Breach Forums the sale of the access to “one of the largest cyber security companies.” IntelBroker did not reveal the name of the compromised security firm, but the threat actor announced in the BF ShoutBot that the company is ZScaler.
IntelBroker has offered to sell “confidential and highly critical logs packed with credentials”, including SMTP access, PAuth access, and SSL passkeys and certificates, for a total price of $20,000 in cryptocurrency.
“Hello BreachForums Community. Today Im sellng access to one of the largest cyber security companies. Revenue: $1.8 Billion Access includes: Confidential and highly critical logs packed with credentials SNITP Access Muth Pointer Auth Access SSL Passkeys S. SSL Certificates some others (will be on contact)” reads the announcement published by IntelBroker who is demanding $20K in XMR or ETH.
The seller added that the sale is covered by escrow, he will sell the access only to reputable forum members that will provide proof of funds.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, cybercrime)