Europol confirms incident following alleged auction of personnel data • The Register

Europol is investigating claims by a cybercriminal that he stole confidential data from multiple agency sources.

Among the sources referred to by the cybercriminal is the Europol Expert Platform (EPE), which was confirmed to be the main subject of the incident and has been unavailable since May 10 due to maintenance.

The incident has not been acknowledged as a breach of the systems, although the European Union’s crime fighting agency has not explicitly denied the legitimacy of the claims.

“Europol is aware of the incident and is assessing the situation,” a spokesman said The registry. “Initial measures have already been taken.

“The incident concerns a closed user group of the Europol expert platform. No operational information is processed in this EPE application.

“No Europol core systems are affected and therefore no Europol operational data has been compromised.”

The perpetrator claiming responsibility for the attack operates under the name IntelBroker and also recently bragged about an attack on security company Zscaler, which later took a test environment offline as part of its investigation. A Zscaler employee also tried to stop speculation about a break-in on social media.

The cybercriminals already bragged last month about their role in stealing data from the Pentagon and other national security agencies.

IntelBroker claimed to have accessed Europol data classified as confidential and for official use only (FOUO), including source code, alliance personnel and “reconnaissance documents”.

In addition to EPE, they claim to have broken into the cryptocurrency and space divisions of Europol’s European Cybercrime Center (EC3), the Partnership on Climate Change and Sustainable Energy (CCSE) and the SIRIUS project.

IntelBroker provided a sample of data in its forum post to “prove” the authenticity of the break-in and theft to potential buyers. The example appeared to include screenshots of the EPE platform from the perspective of an authenticated user in the EC3 scope.

Additionally, images appeared to show IntelBroker accessing EPE discussions between law enforcement and SIRIUS officials about requesting sensitive data from social media platforms.

The SIRIUS project is funded by the EU and aims to provide investigators with the resources to more efficiently carry out cross-border data requests from other authorities and service providers, such as social media platforms.

Investigators also have the opportunity to share their experiences on specific requests as well as updated information for various service providers, for example on the best contact point for data requests. This was the case with the leaked samples that showed law enforcement officials discussing how to obtain information from Telegram.

Rounding out the sample of data leaked by IntelBroker is an extensive list of data about users of the EPE platform’s EC3 secure messaging feature. Data includes full names, job titles, employers, locations by country and areas of expertise.

The registry Europol requested additional information about the incident but did not respond.

IntelBroker updated the post and claimed the data has now been sold. No explicit price was set for the data, but the criminal requested offers via direct message on BreachForums and only accepted Monero.

System intrusions across the EU

The Europol incident came just weeks after the European Parliament told its staff that data from its recruitment app PEOPLE had been exposed.

Based in Luxembourg, PEOPLE is primarily used to recruit temporary staff such as interns, contractors, consultants and assistants.

Kristian Knudsen, director general for human resources at the European Parliament, told staff that their data may have been exposed following an attack earlier this year, according to a memo seen by Euractiv.

Employees have been urged to change their passwords and inform their family and friends of the issue to avoid being caught up in potential scams that could result from criminals sharing their details. ®