The US federal courts’ document filing system was attacked by three hostile foreign actors, House Judiciary Committee Chair Jerrold Nadler has told fellow lawmakers. According to Politico, Nadler made the first public disclosure of the cyberattack at a committee hearing on oversight of the Justice Department’s National Security Division (NSD). The attack happened as part of a bigger security breach that led to a “system security failure” way back in 2020. Nadler has admitted during the hearing, however, that the committee only learned about the “startling breadth and scope” of the breach this March.
Matthew Olsen, the Assistant Attorney General for National Security, has testified at the hearing and said his division is “working very closely with the judicial conference and judges around the country to address this issue.” As you can guess, lawmakers are worried about how many cases were impacted by the breach and how exactly the issue had affected them. “[T]his is a dangerous set of circumstances that has now been publicly announced, and we need to know how many…were dismissed,” committee member Rep. Sheila Jackson Lee told Olsen. When asked if the breach had affected any of the cases the NSD had handled, Olsen said he couldn’t think of any in particular.
There’s still a lot of information about the breach that’s kept under wraps — Senator Ron Wyden even wrote to the Administrative Office of the US Courts to express concerns about the fact that “the federal judiciary has yet to publicly explain what happened and has refused multiple requests to provide unclassified briefings to Congress.” As Politico notes, though, the US Courts admitted in January 2021 that its Case Management/Electronic Case Files system was breached and even changed its filing procedures for sensitive documents. The publication also points out that this breach wasn’t a part of the massive SolarWinds hacks, which are being blamed on a Russian state-sponsored group known as Nobelium.
Olsen said the Justice Department’s investigators will keep the committee updated about any new developments, so we’ll likely hear more information about the data breach in the future.