![](\"https:\/\/www.insurancejournal.com\/app\/uploads\/2026\/04\/FBI-seal-Bloomberg-580x387.jpg\")
<\/p>\n![](\"https:\/\/www.insurancejournal.com\/app\/uploads\/2026\/04\/FBI-seal-Bloomberg-scaled.jpg\")
<\/div>\nThe Federal Bureau of Investigation has concluded that last month\u2019s breach of the networks it uses to manage wiretaps and other surveillance work qualifies as a \u201cmajor incident,\u201d signaling the severity of an intrusion that had already prompted the agency to launch a criminal probe and move to toughen cybersecurity.<\/p>\n
An inquiry into abnormal activity on the compromised network was opened on Feb. 17, according to a notice to Congress from the Justice Department that was reviewed by Bloomberg News. The affected system contains sensitive law enforcement information, including data from electronic surveillance and personal identification information on subjects of bureau investigations, according to the notice.<\/p>\n
Senior officials at the Justice Department determined on March 23 that the intrusion represented a \u201cmajor incident\u201d under a 2014 law requiring agencies and their contractors to implement security measures to protect government computer systems, according to the notification. FBI and Justice officials are conducting forensic examinations of the breach, along with other remedial efforts, it said.<\/p>\n
\u201cIn response to the incident, the Department initiated the establishment of a working group dedicated to enhancing cyber resilience and improving cyber incident response processes,\u201d the notice said. The Department asked recipients to keep the document confidential.<\/p>\n
Under the Federal Information Security Modernization Act and subsequent guidance from the White House budget office, a \u201cmajor incident\u201d is defined as any network breach that\u2019s likely to cause demonstrable harm to national security and other US interests. The definition also applies to episodes that expose significant amounts of personally identifiable information.<\/p>\n
An FBI spokesperson didn\u2019t immediately offer any comment on the breach. Politico reported earlier on the notice to Congress.<\/p>\n
The notice didn\u2019t say who investigators think might be responsible for entering the FBI networks without authorization, nor did it describe the extent of the breach, including what data specifically might have been compromised.<\/p>\n
Lawmakers were initially informed of the breach in a brief notice in early March that was also seen by Bloomberg News. At the time, the Justice Department and FBI said they had not yet \u201cdetermined the scope or impact of the incident\u201d but promised further updates.<\/p>\n
\u201cThe threat actor\u2019s techniques identified to date appear sophisticated,\u201d the agencies told lawmakers in the earlier notice. \u201cThese techniques include leveraging a commercial Internet Service Provider vendor\u2019s infrastructure to exploit FBI network security controls.\u201d<\/p>\n
Photo: The seal of the Federal Bureau of Investigation on the office building in Washington. Photographer: Tierney L. Cross\/Bloomberg<\/em><\/p>\n Was this article valuable?<\/p>\n<\/p><\/div>\n