Investigators suspect Russia was behind the hack of the U.S. federal court filing system, The New York Times reported Tuesday. The breach may have exposed sensitive information, such as the identities of federal informants, sealed indictments and unserved search warrants.
The Administrative Office of the U.S. Courts, which oversees the online filing system that manages documents in federal civil and criminal cases, discovered the hack around July 4.
Investigators speaking on condition of anonymity told the Times that it’s unclear whether the hackers, who reportedly spent several years infiltrating the system, were connected to Russian intelligence or if other countries were involved. A source also named specific federal courts that had been targeted, including those in South Dakota, Missouri, Iowa, Minnesota and Arkansas.
The hackers are also said to have searched the system for information on criminal cases in the New York City area and several other jurisdictions. Some of those cases reportedly involved people with Russian and Eastern European surnames.
The system’s administrators, according to a memo sent to the Justice Department and obtained by the Times, said that sealed records were compromised in the breach. The Justice Department was also advised to remove highly sensitive documents from the system.
Strengthening security
While federal officials publicly remain tight-lipped on details surrounding the breach, the system’s administrators announced last week that they would strengthen cybersecurity “in response to recent escalated cyberattacks of a sophisticated and persistent nature on its case management system.”
“These sensitive documents can be targets of interest to a range of threat actors,” the announcement read. “To better protect them, courts have been implementing more rigorous procedures to restrict access to sensitive documents under carefully controlled and monitored circumstances.”
The attack is not the first for the court system. In January 2021, the courts’ administrative office said it had been targeted in a cyberattack tied to the breach of widely used software from the company SolarWinds. Although Russia was blamed for the SolarWinds campaign, which affected thousands of companies and some U.S. government agencies, the court did not mention Russia by name in its statement.

