Foreign Hacker Breached FBI Servers Containing Epstein Files in 2023
A foreign hacker compromised files related to the FBI's investigation of the late sex offender Jeffrey Epstein during a cyber intrusion at the bureau's New York field office three years ago, according to a source familiar with the matter and recently published justice department documents reviewed by Reuters. The details of who accessed a server at the FBI's New York field office, including the allegation that a foreign hacker was involved, are being reported here for the first time.
FBI Response and Incident Details
In a statement, the FBI described the event as a "cyber incident" that was "an isolated one." The bureau stated, "The FBI restricted access to the malicious actor and rectified the network. The investigation remains ongoing, so we do not have further comments to provide at this time." Although the source indicated the intrusion appeared to have been carried out by a cybercriminal rather than a foreign government, the incident highlights the files' potential intelligence value, as noted by an academic.
The legally mandated publication of US justice department documents has exposed Epstein's ties to prominent figures in politics, finance, academia, and business, triggering investigations worldwide. Jon Lindsay, a researcher at the Georgia Institute of Technology, commented, "Who wouldn't be going after the Epstein files if you're the Russians or somebody interested in kompromat? If foreign intelligence agencies are not thinking seriously about the Epstein files as a target, then I would be shocked."
Timeline and Discovery of the Breach
The hack occurred after a server at the child exploitation forensic lab in the FBI's New York field office was inadvertently left vulnerable by Aaron Spivack, a special agent navigating complex procedures for handling digital evidence, according to the source and documents. A timeline written by Spivack, included in a large cache of Epstein documents released earlier this year, stated the break-in happened on 12 February 2023. It was discovered the following day when Spivack turned on his computer and found a text file warning that his network had been compromised.
Further investigation revealed traces of unusual activity on the server, including combing through certain files pertaining to the Epstein investigation. The timeline does not specify which files were accessed, whether data was downloaded, or the hacker's identity. Reuters could not establish any overlap between the affected data and the published Epstein documents or files still under wraps.
Hacker Interaction and Aftermath
In his statement to FBI investigators, Spivack claimed he was made "a scapegoat for the intrusion" and blamed conflicting bureau policies and faulty IT guidance. Reuters could not determine the outcome of the internal investigation. The person familiar with the breach said the intrusion was by a foreign hacker who did not appear to realize they had penetrated a law enforcement server. The hacker expressed disgust at child abuse images on the device and left a message threatening to report the owner to the FBI.
The source said FBI officials defused the situation by convincing the hacker they were the FBI, partly through a video chat where agents flashed their credentials. Reuters could not determine the hacker's identity, country of operation, actions with accessed material, or any efforts to identify or punish them. Many justice department documents have been heavily redacted or kept secret despite a law mandating full release last year, with the Trump administration citing protection of victims' identities and ongoing investigations.
