The FBI is investigating a potential cyberattack after an agency platform supporting wiretaps was allegedly accessed during a February incident.

Multiple sources told CNN and the Associated Press on Thursday that the FBI is addressing a cybersecurity breach focused around the Digital Collection System Network, which is connected to the agency’s wiretaps, pen register surveillance tools and other intelligence collection systems used in criminal and national security investigations.

The Associated Press said the FBI has informed Congress that the incident was first discovered on February 17 after irregular network behavior was witnessed. 

"The FBI identified and addressed suspicious activities on FBI networks, and we have leveraged all technical capabilities to respond,” an FBI spokesperson told Recorded Future News. “We have nothing additional to provide.”

Politico reported on Friday that the White House, Department of Homeland Security and National Security Agency are now involved in an investigation into the incident.  

While the system that was impacted by the incident is considered unclassified, it does hold sensitive information from investigations, surveillance and more. The FBI and the Department of Homeland Security did not respond to further questions about the nature of the incident or whether it involved ransomware. 

The letter to Congress from the FBI allegedly claimed the threat actors gained entry through an internet service provider that served as a vendor to the agency. 

In 2024, it was revealed that Chinese state-backed hackers connected to the Salt Typhoon operation breached systems at ​​AT&T, Verizon and Lumen and specifically targeted the systems U.S. law enforcement agencies used for wiretaps. 

Both nation-state hackers and cybercriminals have breached federal law enforcement systems over the past two years, including a ransomware attack on the U.S. Marshals Service and a breach involving a sensitive documents system used by U.S. federal courts.