DOJ ‘Epstein files’ highlight plaintext email exposure of sensitive government documents
A newly released trove of U.S. Department of Justice documents tied to Jeffrey Epstein indicates significant operational security (OPSEC) failures by prominent individuals, including apparent use of unencrypted/plaintext email to transmit sensitive government material. The documents suggest that Prince Andrew (King Charles III’s younger brother) and former UK cabinet minister Peter Mandelson separately emailed confidential government documents to Epstein, prompting concerns about potential leaks of state secrets and related law-enforcement scrutiny.
Cybercrime expert Alan Woodward characterized the behavior as “poor OPSEC,” emphasizing that even if senders trust a recipient, the recipient and their devices may not be trustworthy—an acute risk when sensitive information is shared without encryption. The records also raise questions about why Epstein retained emails and stored them unencrypted; while leverage/blackmail is a possible motive, an FBI memo (July 2025) cited in the reporting states a systematic review found no incriminating “client list” and no credible evidence that Epstein blackmailed prominent individuals.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
7 events from the most recent confirmed update back to the earliest known activity.
UK police open probes into Mandelson and Andrew
Following the disclosures, UK law enforcement opened investigations into possible misconduct and unauthorized disclosure. The reporting says the Metropolitan Police is investigating Mandelson and Thames Valley Police is investigating Andrew Mountbatten-Windsor.
DOJ releases Epstein files tied to unencrypted emails
The U.S. Department of Justice released a trove of documents tied to Jeffrey Epstein, revealing alleged operational security failures by prominent individuals who used unencrypted plaintext email. The release brought the 2009–2010 communications into public view.
FBI memo says no client list or blackmail evidence found
A July 2025 FBI memo said investigators found no incriminating 'client list' and no credible evidence that prominent individuals were blackmailed. The memo is cited in the reporting as part of the context around the document release.
Epstein dies in jail before trial
Later in 2019, Epstein died in jail before he could stand trial on the sex-trafficking charges. The articles cite this as ending the criminal proceedings against him personally.
Epstein arrested on sex-trafficking charges
The references state that Epstein was arrested again in 2019 on sex-trafficking charges. This marked a major escalation in the legal case against him.
Mandelson and Andrew allegedly sent UK documents to Epstein
The newly released files indicate that Peter Mandelson and Andrew Mountbatten-Windsor allegedly forwarded confidential UK government information to Jeffrey Epstein via unencrypted plaintext email during 2009 and 2010. The disclosures suggest the information may have provided Epstein with potential commercial benefit and raised Official Secrets Act concerns.
Jeffrey Epstein convicted in earlier sex offense case
The references note that some individuals remained in contact with Epstein after his 2008 conviction. This conviction provides the earliest dated context for the later communications described in the files.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
DOJ Document Alleges Jeffrey Epstein Had a ‘Personal Hacker’ Selling Zero-Day Exploits
The U.S. Department of Justice released a document from the *Epstein Files* stating that a confidential FBI informant alleged in 2017 that Jeffrey Epstein had a “personal hacker.” The document does not reflect verified FBI findings and is heavily redacted, leaving the accuracy and reliability of the claims unclear; the FBI declined to comment and DOJ did not respond to media requests. According to the informant’s allegations, the hacker was an Italian born in Calabria who specialized in finding vulnerabilities in **iOS**, **BlackBerry** devices, and the **Firefox** browser, and who developed and sold **zero-day exploits** and other offensive cyber tools to multiple governments, including the U.S. and the U.K. The informant also claimed the hacker sold a zero-day to **Hezbollah** in exchange for “a trunk of cash,” and the DOJ document includes additional unverified assertions about the individual’s business ties (including a company reportedly acquired by **CrowdStrike** and a subsequent VP role).
Mar 21, 2026
Epstein Files Release Spurs Search Guidance and Highlights Redaction Failures
The U.S. Department of Justice’s ongoing release of the **Jeffrey Epstein investigative files** has driven public efforts to locate, search, and interpret millions of pages of records, alongside concerns about misinformation and usability. One guide describes the post–*Epstein Files Transparency Act* release process and claims the DOJ has published roughly **3.5 million pages** (out of more than 6 million potentially responsive pages identified), organized into multiple downloadable datasets with limited full-text search and a cumbersome interface; it emphasizes using official sources and warns that redactions and removals/re-uploads can complicate analysis. Separate commentary highlights how **sloppy redaction** can undermine privacy protections and enable re-identification when combined with open-source data and AI-assisted analysis (e.g., correlating “biographical breadcrumbs” with platforms like LinkedIn). The same discussion also points to broader **insider-risk** concerns in the “age of AI,” citing an incident in which a senior U.S. cybersecurity official reportedly uploaded sensitive government material to the public version of *ChatGPT*, underscoring the reputational and security impact when sensitive information is mishandled.
Mar 21, 2026
Foreign Hacker Breach of FBI New York Field Office Exposed Epstein Investigation Files
A **foreign, unidentified hacker** breached the FBI’s New York Field Office in 2023 and accessed files tied to the bureau’s investigation of **Jeffrey Epstein**, according to Reuters reporting based on a source familiar with the incident and Justice Department/court documents. The intrusion reportedly stemmed from a server at the **Child Exploitation Forensic Lab** that was inadvertently left vulnerable by an FBI special agent working the case; a court document described the actor as having “combed through” certain Epstein-related files. The FBI said it **contained the affected network**, assessed the incident as **isolated**, **restricted the actor’s access**, and **remediated** the exposed network, while noting the investigation remains ongoing. Additional reporting identified the agent as **Aaron Spivack** and cited a timeline indicating the break-in occurred on **February 12, 2023**; Reuters also reported the hacker allegedly did not realize they had accessed FBI systems until agents contacted them and requested a video call where they displayed their credentials.
Mar 21, 2026