Feds Hack Court Filing System in Major Breach

A Major Cyber Breach in the Federal Judiciary System

A significant cyber intrusion has compromised the electronic case filing system used by the federal judiciary, raising serious concerns about the security of sensitive court data across multiple U.S. states. According to two individuals with knowledge of the incident, the breach is believed to have exposed confidential information, including the identities of informants involved in criminal cases.

The hack, which has not been publicly reported before, has raised alarms among officials and legal professionals. The individuals, who were granted anonymity due to their inability to speak publicly about the matter, indicated that the breach may have affected multiple federal district courts. They emphasized the potential risks associated with the exposure of such critical data.

The Administrative Office of the U.S. Courts, responsible for managing the federal court filing system, became aware of the issue around July 4. However, the office, along with the Justice Department and individual district courts, is still working to determine the full scope of the breach. It remains unclear who is behind the attack, though speculation points toward nation-state-affiliated actors. Criminal organizations are also considered possible suspects.

The Administrative Office of the U.S. Courts has not commented on the incident. When asked about an investigation, the FBI directed inquiries to the Justice Department, which has yet to respond to requests for comment.

Impact on Key Systems

The breach appears to have targeted the federal core case management system, which includes two key components: Case Management/Electronic Case Files (CM/ECF) and PACER. CM/ECF is used by legal professionals to upload and manage case documents, while PACER provides the public with limited access to court records.

In addition to witness and defendant information, the system contains other sensitive data, such as sealed indictments and arrest warrants. These details could be valuable to foreign hackers or criminals looking to exploit vulnerabilities.

Response and Concerns

Chief judges from the 8th Circuit, which covers several U.S. states, were informed about the breach at a recent judicial conference. While it is unclear who provided the briefing, Judge Robert J. Conrad, Jr., the Director of the Administrative Office of the U.S. Courts, was present. Supreme Court Justice Brett Kavanaugh attended the event but did not address the breach in his remarks.

The incident highlights growing concerns about the cybersecurity capabilities of the federal court system. Michael Scudder, chair of the Committee on Information Technology for the federal courts’ national policymaking body, testified before the House Judiciary Committee in June that the current systems, CM/ECF and PACER, are outdated and unsustainable due to cyber risks. He emphasized that these systems are essential for the daily operations of federal courts but require urgent modernization.

Ongoing Threats and Challenges

This breach is part of a broader pattern of increasing cybersecurity threats targeting the federal judiciary. In July 2022, the Justice Department was investigating another breach of the federal court system, described by then-House Judiciary Committee Chair Jerrold Nadler as “startling.” This incident involved three foreign hacking groups and dated back to early 2020.

Experts warn that the federal judiciary faces persistent and severe security threats. One of the individuals involved in the current breach noted that this is the first time they have witnessed a cyberattack of this scale. Another individual mentioned that roughly a dozen court dockets were tampered with in one district, though the extent of the damage remains unclear.

Despite the risks, the most highly protected witnesses are reportedly safeguarded on separate systems maintained by the Justice Department. However, the ongoing challenges highlight the need for more robust cybersecurity measures and a comprehensive strategy to modernize the federal court’s digital infrastructure.

As the investigation continues, the federal judiciary must address these vulnerabilities to protect sensitive information and maintain public trust in the justice system.