In a suspected cyberattack, a shadowy hacking collective has reportedly published the personal information of hundreds of U.S. federal employees, including agents from Immigration and Customs Enforcement (ICE), the Department of Homeland Security (DHS), the Department of Justice (DOJ), and the FBI.
The leak, first reported by 404 Media, allegedly includes sensitive personal data such as full names, office addresses, and in some cases, home addresses. More than 680 DHS officials, 190 DOJ staff, and 170 FBI employees were affected. Some of the data was shared via encrypted messaging apps like Telegram, where hackers openly mocked their targets and even referenced bounties allegedly offered by Mexican cartels for information on federal agents.
“Mexican Cartels hmu we dropping all the doxes,” one hacker posted, appearing to demand “1m” dollars in exchange for the data. Another post provocatively asked, “U guys want IRS next?” suggesting further leaks may be forthcoming.
The perpetrators behind this breach are believed to be part of a larger, loosely affiliated cybercrime community referred to as “The Com.” This sprawling collective includes members of several groups, such as Scattered Spider, 0ktapus, and LAPSUS$, which have been behind major ransomware and data theft campaigns targeting companies like MGM Resorts, Coinbase, and Twilio.
These groups are “some of the most infamous English-speaking hacking groups operating today,” according to Mashable.
The Com has become known for recruiting minors and young adults — often English-speaking teens — and leveraging their knowledge of Western systems and social engineering tactics. This group operates in digital subcultures that glorify online crime, where members boast about scams and violent tactics, including swatting, “brickings” (hiring people to vandalize homes), and robberies.
Join us now during our exclusive Deal of the Decade. Get everything for $7 a month. Not as fans. As fighters. Go to DailyWire.com/Subscribe to join now.
Scattered Spider, one of the arms of The Com, has reportedly collaborated with Russian ransomware gangs like ALPHV/BlackCat. These partnerships blend Western hackers’ fluency in English and social manipulation with the Russians’ technical tools and experience in laundering ransom payments. Their alliance was behind the devastating $100 million ransomware attack on MGM Resorts in 2023.
According to experts, this doxing incident marks a shift from financially motivated ransomware to direct, politically charged attacks on U.S. government personnel. It also comes amid ongoing concerns from cybersecurity officials that groups like the Com represent an escalating national security threat, especially when working with foreign adversaries.
Authorities have arrested several individuals connected to the Com and its subgroups, including a 17-year-old in the UK and several Americans in their early 20s. However, many remain at large, and experts warn that the decentralized nature of these groups — operating across encrypted apps and online gaming platforms — makes them exceptionally difficult to dismantle.
As investigations continue, cybersecurity experts caution that this leak could lead to real-world harm against federal employees and may signal a broader trend of hackers weaponizing personal data for political, ideological, or financial gain.
