The Federal Bureau of Investigation released a statement over the weekend acknowledging that hackers managed to infiltrate the bureau’s email servers and send out tens of thousands of spam emails. The emails claimed to be official and were sent out from a compromised FBI-run online portal using a legitimate FBI email address ending in @ic.fbi.gov. However, the bureau claims that the hackers were unable to access any personal information or other identifiable data.
The FBI initially released a statement on Saturday before issuing an update on Sunday. “The FBI is aware of a software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal (LEEP) to send fake emails,” the statement read. “LEEP is FBI IT infrastructure used to communicate with our state and local law enforcement partners.”
Videos by PopCulture.com
“While the illegitimate email originated from an FBI operated server, that server was dedicated to pushing notifications for LEEP and was not part of the FBI’s corporate email service,” the statement continued. “No actor was able to access or compromise any data or PII on the FBI’s network. Once we learned of the incident, we quickly remediated the software vulnerability, warned partners to disregard the fake emails, and confirmed the integrity of our networks.”
ย The Spamhaus Project, a nonprofit organization that monitors cybersecurity threats, shared some information about the phony emails on Twitter. They also shared screenshots of the emails in question.ย “We have been made aware of ‘scary’ emails sent in the last few hours that purport to come from the FBI/DHS. While the emails are indeed being sent from infrastructure that is owned by the FBI/DHS (the LEEP portal), our research shows that these emails *are* fake,” they tweeted. “These fake warning emails are apparently being sent to addresses scraped from ARIN database. They are causing a lot of disruption because the headers are real, they really are coming from FBI infrastructure. They have no name or contact information in the .sig. Please beware!” There is speculation that the hacker behind this breach uses the Twitter handle “@Pompompur_in.”
Most Viewed
-
Side-by-side: Images of Tim Allen, Stefan Gossler and Jackie Chan (Credit: Christian JENTZ/Gamma-Rapho // Franziska Krug/Getty Images // Stephane Cardinale/Corbis) -
Handcuffs laying on top of fingerprint chart in file (Credit: Getty Images/iStockphoto) -
A defocused police car sits behind crime scene tape with flashing lights at night. (Getty Images/iStockphoto) -
Beverly Hills, CA – January 31, 2026: Jelly Roll, left, and Bunnie Xo, right, pose for portraits on the red carpet during the 68th GRAMMY Awards Pre-GRAMMY Gala & GRAMMY Salute to Industry Icons Honoring Avery Lipman & Monte Lipman at the Beverly Hilton on Saturday, Jan. 31, 2026 in Beverly Hills, CA. Clive Davisโ annual pre-Grammy party hosts an array of A-listers from entertainment, sports, and politics to come together and enjoy performances. (Kayla Bartkowski/ Los Angeles Times) -
Netflix logo (Credit: Netflix) -
LOS ANGELES, CALIFORNIA – JANUARY 20: Bijou Phillips attends the World Premiere of "Infinite Icon: A Visual Memoir" at AMC The Grove 14 on January 20, 2026 in Los Angeles, California. (Photo by Axelle/Bauer-Griffin/FilmMagic) -
TODAY — Pictured: Savannah Guthrie and mother Nancy Guthrie on Thursday, June 15, 2023 — (Photo by: Nathan Congleton/NBC) -
PARK CITY, UTAH – JANUARY 25: Brandi Glanville attends the PBM Princess x Kemo Sabe red carpet event special screening of Rachel Straussโ Documentary "Side Effects May Includeโ during Sundance Film Festival on January 25, 2026 in Park City, Utah. (Photo by Tommaso Boddi/Getty Images for Rachel Strauss)
