Foreign hacker breaches FBI server containing Jeffrey Epstein Files, documents reveal

A foreign hacker broke into an FBI server connected to the Jeffrey Epstein case after a misconfigured system at the bureau’s New York Field Office left sensitive files exposed, according to a source familiar with the incident and Justice Department documents reviewed by Reuters.

The breach, which took place in early 2023, has not been widely reported until now. Details about who accessed the system — including the claim that the intruder was a foreign hacker — appear for the first time in recently released records tied to the federal government’s handling of Epstein-related documents.

FBI Hacked: Hackers Accessed FBI Server Linked to Epstein Files—What They Found Shocked Them

In a statement, the FBI confirmed what it described as a “cyber incident” involving its New York office. The agency characterized the breach as limited in scope.

“The FBI restricted access to the malicious actor and rectified the network. The investigation remains ongoing, so we do not have further comments to provide at this time.”

People familiar with the episode told Reuters the hacker appeared to be an independent cybercriminal rather than someone working on behalf of a government. Still, the fact that Epstein-related evidence sat on the compromised system raises questions about the intelligence value of those files.

Hackers Accessed FBI Server Linked to Epstein Files

Jon Lindsay, a researcher at the Georgia Institute of Technology who studies technology and international security, said any archive connected to Epstein would attract attention from intelligence services around the world.

“Who wouldn’t be going after the Epstein files if you’re the Russians or somebody interested in kompromat?” Lindsay said. “If foreign intelligence agencies are not thinking seriously about the Epstein files as a target, then I would be shocked.”

Public fascination with Epstein’s connections to political leaders, financiers, and prominent figures has remained intense since the Justice Department began releasing records tied to the case. Many of the documents were heavily redacted, and others remain sealed, fueling speculation about the full scope of the evidence gathered by investigators.

Epstein, a longtime associate of President Donald Trump, pleaded guilty in 2008 to prostitution charges, including soliciting an underage girl. He was arrested again in 2019 on federal sex trafficking charges involving minors. Weeks later, he was found hanged in his jail cell in New York. Authorities ruled the death a suicide.

The server breach happened on February 12, 2023, according to a timeline written by FBI Special Agent Aaron Spivack that later surfaced in the trove of Epstein-related documents released this year.

Spivack worked at the bureau’s Child Exploitation Forensic Lab inside the FBI’s New York Field Office. Investigators said the system was exposed after he attempted to work through complex procedures related to handling digital evidence. The move left the server accessible long enough for an external intruder to gain access.

The following day, Spivack powered on his computer and found a text file left by the hacker warning that the network had been compromised.

“The hack occurred after a server at the Child Exploitation Forensic Lab in the FBI’s New York Field Office was inadvertently left vulnerable by Special Agent Aaron Spivack, who was trying to navigate the bureau’s complex ​procedures for handling digital evidence, according to the source and the documents,” Reuters reported.

Internal records cited unusual activity across the server, including someone reviewing files connected to the Epstein investigation. The documents do not identify which files the hacker accessed, whether any material was copied, or whether any of that data later appeared in the Epstein records made public this year.

Reuters could not determine whether the compromised files overlapped with documents that remain under court seal.

Spivack denied responsibility for the breach when questioned by investigators. He said he had become “a scapegoat for the intrusion” and blamed conflicting technology policies inside the bureau for leaving the system vulnerable.

Spivack did not respond to repeated requests for comment. Reuters could not reach his lawyer, Richard J. Roberson Jr. Seven FBI agents named in the documents as participants in the investigation into the breach did not return messages.

The most unusual detail of the episode came after the hacker realized what was on the server.

The person familiar with the incident said the intruder initially believed the computer belonged to a private individual. According to that source, the hacker reacted with disgust after encountering images of child abuse stored on the device. The hacker left a message threatening to report the owner to authorities.

FBI officials then contacted the hacker directly. During the exchange, they convinced the intruder that the computer belonged to the FBI. At one point, agents displayed law enforcement credentials on a video call to verify their identities, according to the source.

The hacker’s identity remains unknown. Investigators have not publicly disclosed the country where the intrusion originated or whether any effort was made to pursue the person responsible.

The Justice Department has released thousands of pages of Epstein-related material under a federal transparency law passed last year. Many sections remain blacked out, and some records have yet to appear.

Officials say certain information remains sealed to protect victims and avoid interfering with ongoing investigations.

The episode highlights a different issue: even tightly controlled evidence in one of the most scrutinized criminal cases in recent history can be exposed by a single technical error.