This designation applies to breaches that are likely to cause demonstrable harm to U.S. interests or expose significant amounts of personally identifiable information, and it requires that agencies and their contractors implement security measures to protect computers systems, according to the report.
The FBI launched an inquiry in February to investigate abnormal activity on the network that it uses to manage surveillance work and that contains sensitive law enforcement information, the report said.
Officials from the FBI and the Justice Department are conducting remedial efforts related to the incident, per the report.
The agencies told Congress in an earlier notice, according to the report: “The threat actor’s techniques identified to date appear sophisticated. These techniques include leveraging a commercial Internet Service Provider vendor’s infrastructure to exploit FBI network security controls.”
In an earlier, separate incident involving a government agency, it was reported in December 2024 that Treasury Department workstations were breached by China-backed hackers who then stole unclassified documents.
In that incident, hackers gained access to the Treasury workstations by compromising a third-party cybersecurity service provider and stealing a key the vendor used to secure a cloud-based service through which it provided tech support to Treasury Department offices’ end users.
Officials described the attack as a “major incident.”
In another incident, in December 2020, it was reported that an emergency meeting of the National Security Council at the White House was triggered by attacks in which hackers linked to the Russian government targeted Treasury, the Department of Commerce and its National Telecommunications and Information Administration unit.
It was reported that the email-system entry may have been related to an IT services company that said it had been targeted by a “highly sophisticated, targeted and manual supply chain attack by a nation state.”
Reuters quoted one unnamed government official as having said about that attack: “This is a much bigger story than one single agency. This is a huge cyber espionage campaign targeting the U.S. government and its interests.”