FBI says cyber incident at New York Field Office ‘contained’

The Bureau is working to gain additional information about the reported cyberattack.

The Federal Bureau of Investigation says it has contained a cyber incident at the agency’s New York Field Office that reportedly affected a computer network used in child sexual exploitation investigations.

In a statement to FedScoop, the agency said it is aware of the incident and is working to gain additional information.

The agency added: “This is an isolated incident that has been contained. As this is an ongoing investigation the FBI does not have further comment to provide at this time.”

CNN first reported details of the cyber incident, which is understood to have primarily affected the agency’s New York Field Office.


Two sources briefed on the matter told the news organization that the incident involved an FBI computer system used in investigations of images of child sexual exploitation.

The FBI has been compromised by other cyber incidents in the past couple of years, including a November 2021 cyberattack on its Law Enforcement Enterprise Portal, which resulted in fake cyber alert emails being sent on the agency’s behalf.

The FBI said at the time that it took action to remediate the software vulnerability, warned partners to disregard the fake emails and confirmed the integrity of its networks. However, the bureau has yet to publicly name a suspect for that attack.

Speaking with FedScoop, Austin Berglas, global head of professional services at BlueVoyant and a former FBI Crimes Against Children coordinator in New York, said it was unlikely the incident would result in the disclosure of classified information.

He said: “The most likely scenario is dirty evidence with a virus from a child pornographer evaded the FBI’s malware detection tools and was uploaded to the forensic network of the FBI in New York.”


Berglas added: “But most importantly, if protocol was being followed then no classified or top secret info was affected by this apparent attack because there are strict procedures in place. The classified and top secret information is not connected to the forensic computer network that was affected by the incident.”

Editor’s note, 2/17/22: This story was updated to include comment from Austin Berglas.
