Russia Suspected to Be Behind Breach of Federal Court Filing System

investigators have uncovered evidence that Russia is at least partly responsible for a recent hack of the computer system that manages federal court documents, including highly sensitive records that could reveal sources and people charged with national security crimes.

The breach, which has been described as a yearslong effort to infiltrate the system, was first detected in 2021 when the Justice Department issued guidance on protecting sealed records. However, it appears that Russian cyber threat actors have continued to pose a significant threat, compromising sealed records and accessing sensitive information across at least eight district courts.

According to several people briefed on the matter, some of the searches included midlevel criminal cases in the New York City area and several other jurisdictions, with some cases involving people with Russian and Eastern European surnames. This has raised concerns that Russia may be targeting specific individuals or groups for espionage purposes.

The administrators of the court system recently informed Justice Department officials, clerks, and chief judges in federal courts that "persistent and sophisticated cyber threat actors have recently compromised sealed records." They advised those officials to quickly remove the most sensitive documents from the system, warning of an "URGENT MATTER" that requires immediate action.

The breach has significant implications for national security, as it could potentially reveal sources and people charged with crimes related to foreign governments or intelligence agencies. The chief judges of district courts across the country were quietly warned last month to move those kinds of cases off the regular document-management system, according to officials briefed on the request.

It is not yet clear what entity is responsible for the breach, whether an arm of Russian intelligence might be behind the intrusion, or if other countries were also involved. However, the evidence suggests that Russia has been actively seeking to infiltrate the federal court filing system for years, posing a significant threat to national security and the integrity of the justice system.

The incident highlights the growing concern about cyber threats from foreign governments, particularly Russia, which has been accused of carrying out numerous high-profile hacking operations in recent years. The breach also underscores the need for greater vigilance and cooperation among law enforcement agencies and government officials to protect sensitive information and prevent similar breaches in the future.