Hackers Access FBI Email Server, Spam 100,000 Accounts
WASHINGTON (Dispatches) -- Hackers compromised a Federal Bureau of Investigation email system on Saturday and sent tens of thousands of messages warning of a possible cyberattack, according to the agency and security specialists.
Fake emails appeared to come from a legitimate FBI email address ending in @ic.fbi.gov, the FBI said in a statement.
Although the hardware impacted by the incident “was taken offline quickly upon discovery of the issue,” the FBI said, “This is an ongoing situation.”
The hackers sent tens of thousands of emails warning of a possible cyberattack, threat-tracking organization Spamhaus Project said on its Twitter account.
A copy of an email posted by Spamhaus on Twitter showed a subject line of “Urgent: Threat actor in systems” and appeared to end with a sign-off from the Department of Homeland Security.
The FBI is part of the Department of Justice.
The FBI routinely warns American companies of cyber threats targeting particular industries, or when it learns of malicious hackers trying an effective new technique. This is believed to be the first known case of a seemingly malicious actor gaining access to one of those systems to send spam to a large number of people.
There have been a number of high-profile breaches of U.S. government networks in recent months.
In June, U.S. officials warned of a growing threat of cyberattacks against American companies and government entities.
U.S. Commerce Secretary Gina Raimondo said then the threat was “here to stay” and might even get worse, appealing for vigilance from the private sector in the face of increasingly serious cyberattacks.
While it’s common for scammers to make it appear that they’re sending an email from someone else’s address, the emails’ metadata made it clear that they were sent from an FBI server, said Alex Grosjean, a researcher at the Spamhaus Project, a European nonprofit that monitors email spam.
The recipients of the emails appear to be the publicly listed administrators of websites registered with the American Registry for Internet Numbers, Grosjean said.
In an emailed statement, the FBI and Cybersecurity and Infrastructure Security Agency indicated an unauthorized person had accessed FBI infrastructure and said that the situation was ongoing.