A Hacker Accidentally Broke into the FBI's Epstein Files

A Hacker Accidentally Broke Into the FBI’s Epstein Files | WIRED Skip to main content Save Story Save this story Save Story Save this story The United States and Israel’s war with Iran has now been ongoing for two weeks, and the bombs continue to fall. But many of Iran’s missiles are failing to hit their targets. WIRED’s team in the Middle East detailed how countries in the Gulf region are intercepting these weapons . Of course, the international conflict is not just happening in the physical realm. This week, a hacker group tied to Iran’s Ministry of Intelligence severely disrupted the systems of US-based medical technology company Stryker. The attack, carried out by a group currently known as Handala has been particularly active since the wake of the October 7, 2023, Hamas attack on Israel. We detailed how Handala has sown chaos with “opportunistic” attacks that look like hacktivism but are believed to be part of an Iranian state-backed campaign. Hacking isn’t the only type of war-linked cyberattack disrupting life in the Middle East and beyond. The rise of GPS attacks have made some basic activities, like using navigation apps or ordering food from a delivery service , nearly impossible for people in countries near Iran. Meta this week took steps to further crack down on the flood of scammers o n its platforms, including Facebook and Instagram. In addition to new warnings for people using Meta apps, the company said it took down nearly 11 million accounts linked to “criminal scam centers” last year. The US Department of Homeland Security quietly ousted two of the agency’s privacy officials after they questioned the mislabeling of certain records related to surveillance technologies and other tech in ways that would prevent their release to the public. Experts called the mislabeling “illegal.” And a new bill in Congress aims to stop the FBI’s practice of warrantlessly accessing Americans’ private communications , and end the government’s practice of buying people’s data in ways that critics say circumvents Fourth Amendment protections. But that’s not all! Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there. A Foreign Hacker Accidentally Broke Into the FBI’s Epstein Files Three years ago, a hacker broke into a server full of emails, images, and other assorted documents stored on a mysterious server. The hacker was so appalled by the materials, which appeared to contain child abuse images, that the intruder left a message threatening to turn over the evidence to the FBI. What that hacker didn’t know, it turns out, is that the server was the FBI’s—and the data it stored was, in fact, the full trove of evidence collected in the criminal case of convicted sex offender Jeffrey Epstein, what’s known today as the Epstein files. Reuters reported this week that a foreign hacker inadvertently broke into those files after they were left exposed on an FBI server at its Child Exploitation Forensic Lab due to security oversights that later became the subject of an internal FBI investigation. The FBI confirmed the incident to Reuters, calling it “isolated,” but Reuters couldn’t determine what the consequences were for the hacker or if any of the data was stolen or manipulated. When the hacker threatened to report the owners of the child abuse materials, however, the bureau’s agents went so far as to meet the hacker in a video call to explain the situation, flashing FBI credentials to prove their bona fides. Porn-Quitting App Exposed the Masturbation Records of Hundreds of Thousands of Users When it promised to help men quit watching porn by letting them keep track of when they do, the app Quittr ended up with very detailed records of hundreds of thousands of users’ detailed masturbation records. Then it exposed them online—and left them exposed even after a warning from an independent security researcher. The researcher told 404 Media back in January that they accessed Quittr’s data on around 600,000 users, about 100,000 of whom appeared to be minors. The exposed data included their age, how frequently they masturbate, and their descriptions of their porn habits and experiences. The security researcher warned the company about the security issue last September, and the app’s cocreator said that it would be fixed “in the next hour.” Instead, it remained unfixed for months. (404 Media waited until the fix was confirmed to name the app, to avoid helping hackers identify a target for data theft and possible extortion.) Meanwhile, the app’s creators were featured in a New York Magazine profile about their lifestyle, which includes driving supercars and living in a Miami mansion. A 60-Year-Old British Man Charged in Dubai for Filming an Iranian Missile Strike Amidst Iran’s missile and drone strikes across the Middle East in retaliation for the US and Israel’s bombing campaign, one 60-year-old British man has been detained and charged by Dubai police for filming an Iranian missile attack with his phone. According to Detained in Dubai, an organization that offers legal assistance in the country, the man is one of 21 people charged with publishing or sharing videos related to the missile strikes under the United Arab Emirates’ cybercrime laws, which prohibit publication of videos that disturb public security. "We're seeing more and more people being charged under the UAE's cybercrime rules,” Detained in Dubai CEO Radha Stirling told the BBC, adding that the arrest was likely part of an attempt to "maintain the facade that it is safe for tourists” in Dubai, even as the war in the region escalates. Russian Hackers Are Going After Signal Accounts, Dutch Officials Warn Two of the Netherlands’ intelligence agencies, the General Intelligence and Security Service and the Defence Intelligence and Security Service, issued a joint cybersecurity notice warning the public that Russian state hackers have been running a “large-scale global cyber campaign” to access the Signal and WhatsApp accounts of persons of interest to the Russian government, including Dutch government employees and potentially journalists. The Dutch notice says that the Russian hackers might have targeted Signal in particular because its reputation as a secure app makes it an “attractive channel” for government officials to communicate . Both Signal and WhatsApp offer end-to-end encryption, but the Dutch officials say that Russian hackers have managed to attack user accounts in two ways. In the first type of attack, hackers pretend to be Signal customer support, and ask for a verification code that a victim is sent from Signal, along with the victim’s PIN number. Once a victim has handed those over, the hacker can take control of the victim’s account, locking them out and allowing hackers to see new messages as they come in. On Bluesky, Signal posted that Signal Support would never ask users for a verification code or PIN via in-app messages, and that “if anyone asks for any Signal related code, it is a scam.” In the second type of attack, which WIRED has previously reported , Russian hackers trick a victim into scanning a QR code that links the victim’s account with a device that the hacker owns. The victim can still access their account, but the hackers can see new messages as they come in and send messages in the victim’s name. You Might Also Like In your inbox: The week’s biggest tech news in perspective This popular pro-Trump X account is apparently run by a White House staffer Big Story: The five big ‘known unknowns’ of Trump’s war with Iran The system that intercepted Iran’s missiles over the UAE Listen: The Pentagon vs. “woke” Anthropic Written by WIRED Staff Topics security roundup hacking cybersecurity security Russia Iran pornography FBI One of Our Favorite Large TVs Is $400 Off The 85-inch Hisense U7 gets a big discount, with markdowns for smaller sizes too. Nvidia Is Planning to Launch an Open-Source AI Agent Platform Ahead of its annual developer conference, Nvidia is readying a new approach to software that embraces AI agents similar to OpenClaw. ‘Flying Cars’ Will Take Off in American Skies This Summer The federal government announced a new pilot program designed to get new kinds of ultralight vehicles and “eVTOLs” up and running around the country—even if they're not fully FAA-certified. Anthropic Claims Pentagon Feud Could Cost It Billions Executives at the AI startup say companies paused deal talks after the Trump administration labeled it a supply-chain risk, warning that the fallout could cause a major revenue hit. OpenAI and Google Workers File Amicus Brief in Support of Anthropic Against the US Government Google DeepMind chief scientist Jeff Dean is among the AI researchers and engineers rushing to Anthropic's defense. H&R Block Coupon: $50 Off Assisted Tax Prep When you visit your local H&R Block store or get help from a tax pro online, you can save up to $50 when you use one of our (unique) codes. How to Run Ethernet Cables Around Your Home Boosting internet speeds around your home is easy with Ethernet cables, and these tips will help you keep things neat. Force Your MacBook to Only Charge up to 80 Percent (and Why You Should) Laptop batteries lag in performance as they age. But you can slow down their deterioration by tweaking your Mac’s charging settings. The Moka Pot Is the Best Way to Brew Coffee Bialetti’s timeless design doesn’t just look good. It makes an incredible cup that’s perfect to keep you awake through the time change. The Sunrise Alarms That Actually Woke Me Up I’ve never been a morning person. This bedside gadget is the only thing that’s ever changed that. Left-Handed People Are More Competitive, Says Science A recent study suggests that left-handed people have an advantage in competitive contexts, while righties tend to cooperate better. I Test Many Coffee Makers. This Is Why the Ratio Four Never Leaves My Counter A new generation of home machines has made good old drip coffee a place for connoisseurs. For more than a year, the Four is the source of my morning cup.