A recent cyberattack by a well-known hacking outfit, named “IntelBroker,” has exposed sensitive data belonging to Europol, the international law enforcement agency. The data was put up for sale on the dark web marketplace, BreachForums, and reportedly included internal emails, employee resume data, and classified documents.
The breach, which occurred in May 2024, compromised the Europol Platform for Experts (EPE), a data-sharing portal used by law enforcement agencies to exchange best practices and tips. As a result, EPE’s website has been shut down since the incident was discovered.
Europol confirmed the breach and stated that they are currently assessing the situation. They have taken initial steps to address the issue, but maintain that no operational information is processed on the EPE application. They assured the public that no core Europol systems have been affected, and no operational data has been compromised.
IntelBroker, the hacking group responsible for the breach, claimed that the stolen data also included information from the European Cybercrime Centre (EC3), the Partnership on Climate Change and Sustainable Energy (CCSE), the Law Enforcement Forum, and Sirius, a platform for cross-border data-sharing. However, these additional claims have not been confirmed by Europol.
This is not the first security incident involving Europol. Earlier in the year, intruders broke into a secure storage room at Europol’s headquarters in The Hague and stole files containing personal information about top law enforcement executives.
As the investigation into the breach continues, organizations are reminded of the importance of protecting their data and being prepared for potential breaches. To learn more about dealing with data breaches and what they mean for your organization, consider attending the upcoming virtual event titled “Anatomy of a Data Breach: What to Do if It Happens to You” on June 20th, hosted by Dark Reading. Stay informed and proactive in safeguarding your data from cyber threats.