The Russian government is allegedly behind a data breach affecting the U.S. court filing system known as PACER, according to The New York Times. Citing anonymous sources, the newspaper reported that Russia is at least partially responsible for the cyberattack, though it did not specify which part of the Russian government was involved.
The hackers reportedly searched for midlevel criminal cases in the New York City area and several other jurisdictions, with some cases involving individuals with Russian and Eastern European surnames. Last week, Politico reported that hackers had infiltrated the federal judiciary’s electronic case filing system, potentially compromising the identities of confidential informants. These identities are typically redacted and kept secret, putting the informants at risk of retaliation from the criminals they are helping authorities apprehend.
The stolen data may also include sealed criminal dockets, indictments, arrest warrants, and other sensitive documents that are not yet public or may never appear in public records. The Administrative Office of the U.S. Courts, which oversees the federal court system, confirmed the cyberattack in a statement on August 7.
The New York Times also referenced a memo sent to Justice Department officials, clerks, and chief judges by court administrators, warning that “persistent and sophisticated cyber threat actors have recently compromised sealed records.” The email emphasized that the situation remains an urgent matter requiring immediate action.
This may not be the first time Russia has targeted the U.S. federal court system. In 2020, a prolonged Russian cyberattack exploited SolarWinds software, used by major tech companies and government agencies, to deliver a compromised update. This gave Russian hackers backdoor access to the networks of SolarWinds customers, including PACER, leading to the theft of sealed court documents. The breach affected multiple U.S. government departments.
In its August 7 statement, the U.S. Courts said it was strengthening the system’s security to prevent future attacks and working closely with courts to minimize the impact on litigants.