In addition, during the OIG’s forensic examination of FBI mobile devices that were used
by the two employees, the OIG discovered a database on the mobile devices containing a plain
text repository of a substantial number of text messages sent and received by those devices.Neither ESOC nor the vendor of the application was aware of the existence, origin, or purpose of
this database. OIG analysis of the text messages in the database compared to ESOC productions
of text messages during the same time periods when the collection tool was functional identified
a significant number of text messages found in the database that were missing from the ESOC
production. Furthermore, the Subject Matter Expert with whom the OIG consulted in connection
with its forensic analysis of the devices identified additional potential security vulnerabilities
regarding the collection application. The OIG has provided these findings to the FBI.
https://www.oversight.gov/report/doj/procedural-reform-recommendation-federal-bureau-investigation-0