The United States federal judiciary's electronic case filing system suffered a breach discovered around July 4, leading to courts reverting to backup paper-filing plans due to compromised sealed records. Uncertainty remains regarding the breach's extent, which reports suggest involved Russian hackers exploiting long-standing software vulnerabilities. Over a month post-discovery, clarity on the impact and affected data is lacking, raising concerns among security researchers about transparent communication and the integrity of the system, which has seen repeated targeting.
"We're more than a month into detecting this intrusion and still don't have a full accounting of what's impacted," says Jake Williams, a former NSA hacker and current vice president of research and development at Hunter Strategy. "If we don't have sufficient logging to reconstruct attack activity, that would be extremely disappointing, because this system has been repeatedly targeted over the years."
Security researchers say that gaps in public information about the situation are concerning, particularly when it comes to lack of clarity on what data was affected.
The CM/ECF system also suffered a breach in 2020 during the first Trump administration, and Politico reported on Tuesday that, in the recent attack, hackers exploited software vulnerabilities that remained unaddressed after being discovered five years ago in response to that first incident.
More than a month after the discovery of the breach-and in spite of recent reports from The New York Times and Politico that Russia was involved in perpetrating the hack-it is still unclear exactly what happened and which data and systems were affected.
Collection
[
|
...
]