The U.S. federal court system faced “an incredibly significant and sophisticated cybersecurity breach” dating to early 2020 that has “had lingering impacts” on the Department of Justice and other agencies, House Judiciary Chairman Rep. Jerrold Nadler said Thursday.
The committee learned in March 2022 about the “startling breadth and scope of the court’s document management system’s security failure,” Nadler said during an oversight hearing for the Department of Justice National Security Division. “Perhaps even more concerning is the disturbing impact this security breach had on pending civil and criminal litigation, as well as ongoing national security or intelligence matters.”
Politico first reported the public disclosure of the attack on Thursday.
The incident was separate from the SolarWinds breach that affected a range of U.S. federal agencies, Nadler said, as he asked Assistant Attorney General for National Security Matthew Olsen to talk about how many cases in his division the breach impacted.
“While I can’t speak directly to the nature of the ongoing investigation of the types of threats you’ve mentioned regarding the effort to compromise the public judicial dockets, this is of course a significant concern for us given the nature of the information that’s often held by the courts,” Olsen said. He added that he couldn’t “think of anything in particular” as far as specific cases that the incident affected.
A DOJ spokesperson told CyberScoop after the hearing that the agency neither confirms nor denies an ongoing investigation into the matter.
Rep. Sheila Jackson Lee, D-Texas, said it would be important for follow-up information from on the cases involved “as quickly as possible” as “this is a dangerous set of circumstances that has now been publicly announced and we need to know how many, and how many were dismissed.”
The federal courts system, which is administered through the Administrative Office of the U.S. Courts, said in a January 2021 statement that it had updated procedures for handling highly sensitive court documents after the SolarWinds revelations.
The statement noted that a security audit had revealed vulnerabilities in the Judiciary’s Case Management/Electronic Case Files system, and that “an apparent compromise of the confidentiality of the CM/ECF system due to these discovered vulnerabilities currently is under investigation.”
The agency did not respond to a request for comment.