Report: FBI Notifies Congress Of ‘Major Incident’ Linked To China

The FBI recently alerted members of Congress to a cyber intrusion it has classified as a “major incident,” with officials indicating the breach is linked to China and could pose a threat to national security.

According to Fox News, FBI officials formally notified lawmakers last week after determining the incident met the federal government’s threshold for a “major incident,” a designation reserved for the most serious cyber intrusions. The outlet cited an unidentified congressional aide and two U.S. officials who said the classification reflects both the sensitivity of the compromised data and the sophistication of the attack.

Congress was briefed on the determination earlier this week, the report said.

Additional details reported by Politico suggest the breach involved a targeted intrusion into FBI systems through a third-party provider. In a March notice to Congress, the bureau said hackers appeared to gain access by “leveraging a commercial Internet Service Provider’s vendor infrastructure,” describing the method as indicative of the group’s “sophisticated tactics.”

The compromised system reportedly handled highly sensitive information. According to the notice, the “affected” data included “returns from legal process, such as pen register and trap and trace surveillance returns, and personally identifiable information pertaining to subjects of FBI investigations.” Such data can include metadata about communications as well as identifying details tied to ongoing federal investigations.

While officials have not publicly named the specific group responsible, Fox News reported that China is believed to be behind the intrusion. Chinese state-linked cyber actors have a long history of targeting U.S. government systems and critical infrastructure, often using supply chain vulnerabilities and third-party vendors to gain initial access.

The incident comes amid heightened concern in Washington over the security of both government and personal systems used by senior officials. Just days earlier, the Department of Justice confirmed that FBI Director Kash Patel’s personal email account had been compromised in a separate cyber incident attributed to an Iran-linked group. (RELATED: Report: Kash Patel’s Personal Email Breached By Iran-Backed Hackers)

In that case, a Justice Department official said material released online “appeared to be authentic,” after the group known as the Handala Hack Team published documents and personal information it claimed were taken from Patel’s inbox. The breach was believed to involve an older Gmail account containing a mix of personal and work-related correspondence.

Together, the incidents underscore the growing scope and persistence of foreign cyber threats facing U.S. institutions. Security experts have warned that adversaries including China and Iran are increasingly targeting not only federal networks but also the broader ecosystem of vendors, contractors, and personal accounts connected to government officials.

Officials have not yet disclosed how long the China-linked actors may have had access to the affected FBI systems, whether the breach has been fully contained, or what steps are being taken to mitigate potential damage. The FBI has also not indicated whether additional agencies or systems may have been impacted.

Lawmakers are expected to seek further briefings in the coming days as concerns mount over the scale of the intrusion and the potential exposure of sensitive investigative data.

READ NEXT: Hegseth Lifts Army Pilots’ Suspension Over Kid Rock Flyby