Today, we identified unauthorized activity involving a portion of our Agency’s Microsoft SharePoint environment. Upon detection, immediate containment and investigative measures were initiated, including securing affected systems and conducting a preliminary forensic review.

At this stage of the investigation, the only data potentially exposed appears limited to business email addresses and related contact information.

The nature of the incident appears consistent with a spam or phishing-oriented compromise scenario, where unauthorized parties may attempt to leverage access for the distribution of fraudulent or misleading email communications.

As a precaution, we advise all clients, partners, and contacts to exercise additional care with any unexpected emails claiming to originate from our Agency within the last 24 hours.

If you receive a message that appears unusual, contains unexpected links or attachments, or requests sensitive information, please verify its authenticity directly with us before responding or taking action by sending an email to [email protected]. For questions or verification of communications claiming to originate from our Agency, you can also contact us directly through our official channels.

Cybersecurity threats continue to evolve rapidly, and the growing use of artificial intelligence is enabling threat actors to identify vulnerabilities and exploit them more quickly and efficiently than in previous years. Organizations globally continue to face increasing levels of automated scanning, phishing activity, and targeted exploitation attempts against cloud-based platforms and collaboration systems.

Our technical teams and external advisors continue to investigate the matter thoroughly, monitor systems for further suspicious activity, and implement additional safeguards where necessary.

We take the protection of information and the security of our systems seriously and will provide further updates should additional relevant information emerge.