Russia Is Suspected to Be Behind Breach of Federal Court Filing System

http://archive.today/2025.08.12-232149/https://www.nytimes.com/2025/08/12/us/politics/russia-hack-federal-court-system.html

Investigators have uncovered evidence that Russia is at least partly responsible for a recent hack of the computer system that manages federal court documents, including highly sensitive records with information that could reveal sources and people charged with national security crimes, according to several people briefed on the breach.

It is not clear what entity is responsible, whether an arm of Russian intelligence might be behind the intrusion or if other countries were also involved, which some of the people familiar with the matter described as a yearslong effort to infiltrate the system. Some of the searches included midlevel criminal cases in the New York City area and several other jurisdictions, with some cases involving people with Russian and Eastern European surnames.

Administrators with the court system recently informed Justice Department officials, clerks and chief judges in federal courts that “persistent and sophisticated cyber threat actors have recently compromised sealed records,” according to an internal department memo reviewed by The New York Times. The administrators also advised those officials to quickly remove the most sensitive documents from the system.

Documents related to criminal activity with an overseas tie, across at least eight district courts, were initially believed to have been targeted. Last month, the chief judges of district courts across the country were quietly warned to move those kinds of cases off the regular document-management system, according to officials briefed on the request. They were initially told not to discuss the matter with other judges in their districts.

In recent weeks, judges of the Eastern District of New York have been taking corrective measures. On Friday, the chief judge of the district, Margo K. Brodie, issued an order prohibiting the uploading of sealed documents to PACER, the searchable public database for documents and court dockets. Ordinarily, sealed documents would be uploaded to the database, but behind a wall, in theory preventing people without the proper authority from seeing them. Now those sensitive documents will be uploaded to a separate drive, outside PACER.

Federal officials are scrambling to determine the patterns of the breach, assess the damage and address flaws in a sprawling, heavily used computer system long known to have serious vulnerabilities that could be exploited by foreign adversaries.

They did not address the origin of the attack, or what files had been compromised. The breach also included federal courts in South Dakota, Missouri, Iowa, Minnesota and Arkansas, said an official who requested anonymity to discuss a continuing investigation.

Politico earlier reported that the system had been under attack since early July by an unnamed foreign actor.

Concerns about the hacking of the courts’ electronic filing system predate this summer. The courts announced in January 2021 that there had been a cyberattack but did not name Russia.

Former federal law enforcement officials said Russia was behind that hacking. It was not clear if other countries also exploited vulnerabilities in the system, but the former officials described the breach as extremely serious.

In 2022, Representative Jerrold Nadler, Democrat of New York, claimed he had obtained information that the court system’s computer network had been breached by three unnamed foreign entities, dating to early 2020.