The Administrative Office of the US Courts, which manages the federal filing system, reportedly realised the seriousness of the intrusion around July 4. However, efforts to assess the full scope of the attack remain ongoing, involving coordination with the Justice Department and individual district courts.
The attackers’ identities have not been confirmed, though POLITICO’s sources indicated that nation-state-affiliated actors are suspected, with criminal organisations also a possibility.
The breach affects the judiciary’s core case management system, specifically the Case Management/Electronic Case Files (CM/ECF) platform used by legal professionals, and the Public Access to Court Electronic Records (PACER) system, which allows limited public access to court documents.
These systems are said to contain highly sensitive data, including sealed indictments, arrest warrants, and cooperation records—material that could be exploited by criminals or foreign operatives.
Chief judges from the federal courts in the 8th Circuit—covering Arkansas, Iowa, Minnesota, Missouri, Nebraska, North Dakota, and South Dakota—were briefed about the breach during a recent judicial conference in Kansas City, according to the POLITICO report. Judge Robert J. Conrad Jr., Director of the Administrative Office, was present. Supreme Court Justice Brett Kavanaugh also attended the event but did not address the incident.
This latest breach adds to a growing list of cybersecurity incidents targeting the judiciary. In June, Judge Michael Scudder, who heads the IT committee for the judiciary’s national policymaking body, told the House Judiciary Committee that CM/ECF and PACER are “outdated” and pose significant cyber risks. He called their replacement a “top priority,” though he acknowledged that any new system would need to be implemented incrementally.
As of mid-2022, the Justice Department was still investigating a prior breach of the federal court system that dated back to early 2020 and reportedly involved three foreign hacking groups, according to former House Judiciary Chair Jerrold Nadler.
One of POLITICO’s sources described the current hack as unprecedented in scope over their two-decade career with the judiciary. While one source claimed a dozen court dockets had been tampered with in a single district, the other could not confirm any manipulation but acknowledged it was theoretically possible.
Importantly, the identities of the most highly protected federal witnesses appear to be secure, as that information is stored separately by the Justice Department, the report noted.