Europol Confirms Breach of Expert Platform, Data Exposure Limited

The malicious actor known as IntelBroker claims to have stolen confidential documents from Europol’s Europol Platform for Experts (EPE).

Europol has confirmed the breach of the EPE portal, designed for knowledge and methodology exchange among law enforcement experts. Europol noted that the breach affected only a “closed group of users” of the EPE and did not compromise the agency’s core systems or operational data.

Currently, the EPE site is non-functional, displaying a maintenance message. Meanwhile, IntelBroker, responsible for the data leak, stated that he has access to information about alliance personnel, intelligence data, source code, and various FOUO documents of the EC3 SPACE platform, which serves over 6,000 accredited cybercrime experts worldwide.

IntelBroker also claimed access to the SIRIUS platform, used by judicial and law enforcement authorities from 47 countries, including EU member states, the UK, and countries with cooperation agreements with Eurojust and the European Public Prosecutor’s Office. SIRIUS is used to access cross-border electronic evidence in criminal investigations.

IntelBroker published screenshots of the EPE interface and a small sample from the EC3 SPACE database, allegedly containing the personal data of 9,128 law enforcement officers and cybercrime experts. In a forum post, the hacker indicated he is waiting for price offers in Monero (XMR) cryptocurrency and that he sells data “only to verified members.”

Since his emergence in the hacker community in October 2022, IntelBroker has gained notoriety for selling data from the U.S. government and military, hacking the insurance company DC Health Link, which led to Congressional hearings after he disclosed the personal data of members and staff of the U.S. House of Representatives.

Another notable incident involving IntelBroker was the breach of General Electric, during which he stole information about DARPA military projects, including SQL files, technical documents, and strategic reports. Other victims include Facebook Marketplace and Los Angeles International Airport (LAX).