Hackers have compromised the electronic case filing system used by the federal judiciary, possibly exposing sensitive information such as the identities of confidential informants in criminal cases. The breach was first reported by Politico, which cited two sources who were granted anonymity.
The Administrative Office of the U.S. Courts, which manages the federal court filing system, discovered the breach around July 4, Politico reported. The hack is said to have affected numerous federal district courts across the country.
Download the SAN app today to stay up-to-date with Unbiased. Straight Facts™.
Point phone camera here
Suspected nation-state attack
The Department of Justice and the affected district courts are investigating. While it is not clear who is behind the attack, Politico quoted sources that said “nation-state-affiliated actors are widely suspected” and that “criminal organizations” could also be involved.
It’s also unclear how the hackers gained access. The breach involves the two primary components of the judiciary’s case management system: the Case Management/Electronic Case Files, or CM/ECF, and PACER.
The CM/ECF allows lawyers and other legal professionals to both upload and manage documents related to court cases. PACER provides the public with access to more than 1 billion documents filed at all federal courts in the country.
‘Unrelenting security threats’
Along with information on confidential informants, the filing system also holds sealed indictments, unserved search warrants and other details that criminal suspects could use to avoid capture, according to Politico.
Judicial officials were already aware of potential issues with the electronic filing system.
In June, Judge Michael Scudder of the 7th U.S. Circuit Court of Appeals described it as “outdated” and “unsustainable due to cyber risks.” Scudder said the system faces “unrelenting security threats of extraordinary gravity.”
Three foreign hacking groups reportedly targeted the system in July 2022, as officials were still investigating a 2020 incident.
The Administrative Office of the U.S. Courts, the FBI and the Justice Department have not commented on the reported breach.
