A foreign hacker reportedly infiltrated FBI servers containing sensitive files related to the investigation of the late financier and convicted sex offender Jeffrey Epstein during a break-in at the bureau’s New York field office in February 2023, according to sources familiar with the matter and recently released Department of Justice documents.
This is the first time details of the breach, including the involvement of a foreign hacker, have been publicly reported. The FBI described the event as a “cyber incident” and said it was isolated. “The FBI restricted access to the malicious actor and rectified the network. The investigation remains ongoing, so we do not have further comments at this time,” the bureau said in a statement.
Breach Details and Discovery
According to the source, while the intrusion appeared to have been conducted by a cybercriminal rather than a foreign government, the incident highlights the intelligence value of the Epstein-related files. Legal disclosures over the past year have revealed Epstein’s connections to prominent figures across politics, finance, academia, and business, prompting investigations in multiple countries.
Jon Lindsay, a global security researcher at the Georgia Institute of Technology, said, “Who wouldn’t be going after the Epstein files if you’re the Russians or anyone interested in kompromat? If foreign intelligence agencies are not considering these files as a target, I’d be shocked.”
The breach occurred after a server at the FBI’s child exploitation forensic lab in New York was inadvertently left vulnerable. Special Agent Aaron Spivack, navigating the bureau’s complex digital evidence protocols, was responsible for the server when the breach happened on 12 February 2023. The intrusion was discovered the following day when Spivack reportedly found a text file warning that the network had been compromised.
Hacker’s Reaction and FBI Response
Investigators later identified unusual activity on the server, including access to certain files related to the Epstein investigation. The timeline in the DOJ documents does not clarify which specific files were accessed, whether data was exfiltrated, or the identity of the hacker. Reuters could not determine if the affected files overlapped with those published earlier this year or those still classified.
Spivack, cited in the DOJ documents, told FBI investigators that he felt “made a scapegoat” for the breach, citing conflicting bureau policies and inadequate IT guidance. The FBI’s internal review results were not publicly disclosed.
The source said the hacker did not seem aware that they had penetrated a law enforcement server. Reportedly, the intruder expressed disgust at the presence of child abuse images on the device and left a message threatening to report the owner to the FBI. Bureau officials de-escalated the situation by convincing the hacker that they were interacting directly with the FBI, including a video call in which law enforcement credentials were shown.
Broader Implications and Epstein Background
The documents reviewed were heavily redacted or withheld despite a law mandating full public release last year. Some material remains undisclosed to protect victims’ identities and ongoing investigations.
Epstein, a former associate of Donald Trump, pleaded guilty in 2008 to prostitution charges, including soliciting an underage girl. He was found hanged in his jail cell in 2019 while awaiting trial on federal sex-trafficking charges, a death ruled a suicide.
The cyber intrusion underscores vulnerabilities in law enforcement networks handling sensitive data, highlighting ongoing risks for intelligence-related materials. Experts stress that the incident reflects the high value of the Epstein files to both cybercriminals and potentially foreign intelligence operatives, and raises questions about the security of digital evidence in federal investigations.
