Hackers claim to have breached Europol web portal, but force says no significant data stolen

“In May 2024 Europol suffered a data breach and lead to the exposure of FOUO and classified data,” IntelBroker said. FOUO is short for “for official use only”, suggesting that the data is internal and possibly classified. “Compromised data: Alliance employees, FOUO source code, PDFs, documents for recon and guidelines.”

No operational information

The data was generated by different Europol departments, including the European Cybercrime Center (EC3), the Europol Platform for Experts (EPE), the Law Enforcement Forum, and SIRIUS (electronic evidence platform). 

Those interested in purchasing this database must have a proven track record on the underground forum, must have proof of funds, and can only pay in Monero (XMR). Monero is a privacy-oriented cryptocurrency, known for being exceptionally difficult, if not impossible, to track. It is also the most common cryptocurrency mined with cryptojackers, malicious cryptocurrency mining software such as XMRig. 

When reached out with questions about the sale, Europol said it was aware and assessing the situation, but added that the database contains no operational information: 

“No core systems of Europol are affected and therefore, no operational data from Europol has been compromised,” it said. “Initial actions have already been taken,” it added, though.

Cybercriminals are no strangers to attacking law enforcement agencies. 

In late 2021, for example, the known hacker Pompompurin compromised the FBI's external email system to send thousands of messages warning of a fake cybersecurity incident. Fitzpatrick was later arrested for operating the biggest underground hacking forum, after which he claimed responsibility for the FBI hack, too.

More from TechRadar Pro

• BreachForums hacking forum admin sentenced to 20 years supervised release
• Here's a list of the best firewalls today
• These are the best endpoint protection tools right now