OIG finds database with missing FBI texts!
Still trying to make some sense of this…
Feel free to dig!
The OIG requested from the FBI text messages of, among others, two employees in connection with the Pre-election Review. When the OIG received the text message production from FBI, there was a time period of several months for which FBI did not produce text messages for mobile devices used by the two FBI employees. The FBI informed the OIG that it was aware that there were deficiencies in its collection application and that it was changing the model of the mobile device issued to FBI employees as part of a regular technical refresh and to mitigate the problem. However, the OIG later learned that, even after upgrading to new devices, the data collection tool utilized by the FBI was still not reliably collecting text messages from approximately 10 percent of more than 31,000 FBI-issued mobile devices.
In addition, during the OIG’s forensic examination of FBI mobile devices that were used by the two employees, the OIG discovered a database on the mobile devices containing a plain text repository of a substantial number of text messages sent and received by those devices.
Neither ESOC nor the vendor of the application was aware of the existence, origin, or purpose of this database. OIG analysis of the text messages in the database compared to ESOC productions of text messages during the same time periods when the collection tool was functional identified a significant number of text messages found in the database that were missing from the ESOC production. Furthermore, the Subject Matter Expert with whom the OIG consulted in connection with its forensic analysis of the devices identified additional potential security vulnerabilities regarding the collection application. The OIG has provided these findings to the FBI.