A newly released Department of Justice document adds a cybersecurity claim to the public record around Jeffrey Epstein: an informant told the FBI in 2017 that Epstein had a “personal hacker.” The allegation, first reported by TechCrunch, appears in a larger set of material the DOJ is legally required to release related to the investigation into the late sex offender.
The document does not identify the alleged hacker. It does, however, describe the person’s reported background, technical focus, and alleged market for offensive hacking tools. The most important caveat is also the central one: the source article says it is unclear whether the informant’s account is accurate or whether the FBI verified it.
What the DOJ document says
According to the document released by the Department of Justice on Friday, an informant told the FBI in 2017 that Jeffrey Epstein had a “personal hacker.” The document was released as part of a large trove of material connected to the investigation into Epstein.
The alleged hacker is not named in the document described by the source article. The available details are limited, but specific. The person was allegedly born in Italy in the southern region of Calabria. Their hacking work allegedly focused on discovering vulnerabilities in Apple's iOS mobile operating system, BlackBerry devices, and the Firefox browser.
The informant also gave the FBI an assessment of the hacker’s skill, saying the hacker “was very good at finding vulnerabilities.” That statement matters because the claims are not about ordinary account compromise or low-level cybercrime. They concern vulnerability discovery and alleged exploit development, areas that can be valuable to governments, contractors, and criminal groups.
The alleged technical work
The source article says the hacker allegedly developed offensive hacking tools, including exploits for unknown and/or unpatched vulnerabilities. In cybersecurity, that distinction is significant because an unknown or unpatched vulnerability may give an attacker a route into a system before a fix is available or widely deployed.
The specific targets named in the source are Apple's iOS mobile operating system, BlackBerry devices, and the Firefox browser. Those platforms point to a range of possible targets: mobile phones, communications devices, and web browsing environments. The document described in the source does not provide technical proof, code samples, exploit names, or identities of victims.
That leaves the allegation in a narrow but serious category. It is a claim that someone connected to Epstein had access to, or was associated with, a person capable of finding software weaknesses and building tools around them. The source article does not state that Epstein used those tools, directed their use, or possessed them personally beyond the informant’s phrase “personal hacker.”
Who allegedly bought the tools
The informant’s account went beyond technical ability. According to the source article, the hacker allegedly sold offensive tools to several countries, including an unnamed central African government, the UK, and the US.
The same account also claims the hacker sold an exploit to Hezbollah and received “a trunk of cash” in payment. That is one of the most striking details in the report, but it should be read with the same caution as the rest of the document. The source article explicitly says it is unclear whether the FBI verified the report.
The alleged buyers named in the source show why vulnerability research can become a major security issue. A single exploit can be valuable to very different customers, from governments to non-state actors. But the public information described here does not establish whether the alleged sales happened, what tools were involved, or how they were used.
What remains unresolved
The document leaves major questions unanswered. The alleged hacker’s identity is not provided. The source article does not say whether the FBI confirmed the informant’s claims. It also does not say whether any charges, technical findings, or follow-up investigative conclusions came from the report.
Those gaps are important because informant accounts can contain leads, partial information, or claims that require corroboration. In this case, the public record described by the source article gives readers a set of allegations, not a verified technical history.
The clearest facts are therefore limited:
- A Department of Justice document released on Friday says an informant spoke to the FBI in 2017.
- The informant claimed Jeffrey Epstein had a “personal hacker.”
- The alleged hacker was reportedly born in Italy in the southern region of Calabria.
- The alleged work involved vulnerabilities in Apple's iOS mobile operating system, BlackBerry devices, and the Firefox browser.
- The informant claimed the hacker sold tools to an unnamed central African government, the UK, the US, and Hezbollah.
- The source article says it is unclear whether the informant’s account is accurate or whether the FBI verified it.
Why the claim matters
Even without verification, the allegation is notable because it connects the Epstein investigation materials to the market for offensive hacking tools. The source article frames the claim as part of a broader security news roundup, but the details stand on their own: vulnerability discovery, alleged exploit sales, and possible links to governments and Hezbollah.
The story is also a reminder that cybersecurity claims in legal or investigative documents should be handled carefully. A document can preserve what an informant told investigators without proving that every detail is true. Here, the responsible reading is direct: the claim exists in a DOJ-released document, the alleged hacker remains unidentified, and the verification status is unclear.
For readers following privacy, surveillance, and cyber operations, the case illustrates how powerful hacking capabilities can appear in unexpected investigative records. But the available facts stop at the boundaries of the released material and the reporting around it. Anything beyond that would require confirmation not present in the source.