Hackers claim to have breached Europol web portal, but force says no significant data stolen

anonymous hackers in cyber war against Russia over Ukraine
(Image credit: Getty Images)

Sensitive Europol data was put up for sale on a dark web forum, but the European law enforcement agency is playing down the importance of the event. 

Infosecurity Magazine claims a known leaker, going by the alias IntelBroker, published a new ad on the popular BreachForums on Friday. In the ad, the leaker claims whoever buys the new database will get plenty of sensitive Europol information: 

“In May 2024 Europol suffered a data breach and lead to the exposure of FOUO and classified data,” IntelBroker said. FOUO is short for “for official use only”, suggesting that the data is internal and possibly classified. “Compromised data: Alliance employees, FOUO source code, PDFs, documents for recon and guidelines.”

No operational information

The data was generated by different Europol departments, including the European Cybercrime Center (EC3), the Europol Platform for Experts (EPE), the Law Enforcement Forum, and SIRIUS (electronic evidence platform). 

Those interested in purchasing this database must have a proven track record on the underground forum, must have proof of funds, and can only pay in Monero (XMR). Monero is a privacy-oriented cryptocurrency, known for being exceptionally difficult, if not impossible, to track. It is also the most common cryptocurrency mined with cryptojackers, malicious cryptocurrency mining software such as XMRig. 

When reached out with questions about the sale, Europol said it was aware and assessing the situation, but added that the database contains no operational information: 

“No core systems of Europol are affected and therefore, no operational data from Europol has been compromised,” it said. “Initial actions have already been taken,” it added, though.

Cybercriminals are no strangers to attacking law enforcement agencies. 

In late 2021, for example, the known hacker Pompompurin compromised the FBI's external email system to send thousands of messages warning of a fake cybersecurity incident. Fitzpatrick was later arrested for operating the biggest underground hacking forum, after which he claimed responsibility for the FBI hack, too.

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.