I read the timeline and felt that small cold knot in my stomach — a text file, a warning, a man who realized something had gone very wrong. You can imagine sitting at your desk when a stranger tells you the network is compromised and shows you an image that stops you. By the next morning the FBI was in the room, trying to explain how an agency that hunts hackers had been hacked.
A plain text file on a lab server, then a growing trail
A Special Agent in New York found a .txt note on February 13, 2023.
That note is the breadcrumb that reveals how a foreign hacker gained access to files tied to Jeffrey Epstein long before the public saw some of those documents in 2025. I read the timeline written by Special Agent Aaron Spivack — it’s in the bundle of records released by the Department of Justice and flagged by Reuters — and it places the intrusion at the FBI’s Child Exploitation Forensic Lab inside the New York Field Office on February 12, 2023.
Investigators later traced unusual activity: someone “combing through certain files pertaining to the Epstein investigation.” You should picture an investigator who wakes to a string of anomalies, and then has to explain why an FBI server was reachable to an outsider.
Did a foreign hacker access Epstein files in 2023?
Yes — according to Reuters citing newly released Justice Department documents and an anonymous source, a foreign cybercriminal accessed the bureau’s system during that breach. The incident was first reported by Reuters and CNN, and the freshly released paperwork gives a clearer view of who was inside the network and what they saw.
A stranger’s message, a bizarre video call, and an awkward reveal
A person who breached the server apparently thought they were reporting abuse, not targeting the FBI.
The source Reuters spoke with says the intruder encountered child-abuse images and threatened to notify law enforcement — not realizing the server belonged to the FBI. The Bureau then invited the intruder into a video chat, showed credentials, and convinced the person they were indeed dealing with federal agents. That exchange is a rare window into the human-side of a cyberincident: someone pokes around, panics, then the agency on the other end has to prove its identity.
The hacker’s confusion turned a break-in into an odd negotiation. For me, the scene read like a hairline crack in the bureau’s armor — visible, worrying, and slow to widen.
What did the hacker see and take?
Internal notes show the intruder was browsing files tied to the Epstein probe. The public record doesn’t list a neat inventory of what was exfiltrated, which leaves a knot of unknowns: which documents were copied, who viewed them, and whether foreign actors retained materials that could be weaponized politically or commercially.
Files released years later, and a continuing ripple
Documents tied to Epstein have dripped into public view since 2019 and gained momentum again in 2025.
Those releases mapped the financier’s connections to powerful and wealthy figures worldwide, prompting investigations and political fallout in multiple countries. Reuters, CNN, The Guardian, NBC, and outlets like Gizmodo have traced the public thread; the Justice Department and the FBI handle the internal thread.
The bureau called the event an “isolated” cyber incident and said it “restricted access to the malicious actor and rectified the network.” But the breach reignited a familiar fear: that even high-security systems at the FBI can be pierced, and that sensitive investigative materials are vulnerable.
How did the FBI respond to the breach?
The FBI said it contained the intrusion and fixed the network, and investigators continue to probe. Inside reports show Spivack protested being made a “scapegoat,” arguing conflicting IT policies and operational complexity left the server exposed. That internal argument is as revealing as the intrusion itself: it points to cultural and technical gaps inside the agency.
I want you to hold two facts: the files became public in part because of legal pressure and releases, and this incident shows that the path from classified case file to leaked document can run through both courtrooms and broken cyber-defenses. Those papers are a dark library where secrets go to die.
So where do we go from here — can the FBI restore public confidence while foreign actors prowl networks and sensitive investigations continue to surface in public records?