FBI Sounds Alarms After Hackers Infiltrate Surveillance Network via Third Party

The FBI has officially designated a recent breach of its surveillance systems as a “major incident,” a label reserved for cyber intrusions that threaten national security or involve significant amounts of sensitive data.

In a statement confirmed Friday, the bureau revealed that the hack targeted an unclassified network and has triggered mandatory notifications to Congress under the Federal Information Security Modernization Act (FISMA).

The agency discovered the breach after spotting “anomalous activity” on the network. While the FBI stated it moved quickly to remediate the issue using all available technical resources, the investigation determined that the hackers gained entry through a third-party provider rather than a direct hit on the bureau’s internal infrastructure.

“The FBI is following the required steps under FISMA, including notifying Congress, and remains focused on countering nation-state and cybercriminal activity,” the agency said.

While the bureau has not publicly named a specific culprit, several reports suggest investigators suspect hackers linked to China are behind the operation. The scale of the data accessed appears significant; according to Politico, the compromised system housed information from “pen register” and “trap and trace” devices.

These tools are used by law enforcement to log the origin and destination of phone calls. Additionally, the breach reportedly exposed personally identifiable information related to individuals currently under FBI investigation.

Under 2025 federal guidance, a “major incident” is defined as any event likely to cause “demonstrable harm to the national security interests, foreign relations, or economy of the United States.”

The classification also applies to breaches involving personal data that could pose similar levels of risk to the public or government operations.

As the FBI works to secure the system, the focus remains on assessing exactly how much surveillance data was exfiltrated and the potential impact on ongoing criminal and counterintelligence cases.

Understanding FISMA Compliance

  • Annual Security Reviews: FISMA requires federal agencies to conduct yearly independent evaluations of their information security programs to ensure they are effective against evolving threats.
  • Congressional Notification: When a breach is labeled a “major incident,” agencies are legally obligated to notify Congress, typically within seven days of the determination.
  • Risk-Based Standards: The act mandates that agencies follow security standards set by the National Institute of Standards and Technology (NIST), which focus on a “detect, respond, and recover” framework.
  • Third-Party Oversight: Modern FISMA guidance places heavy emphasis on the security of third-party contractors and service providers, as these are often the primary entry points for cyberattacks.
  • Data Integrity: A core goal of FISMA is to protect the confidentiality and integrity of personally identifiable information (PII) held by the government, ensuring it isn’t modified or stolen by unauthorized actors.
