JULY 28, 2022
Yasin Ozturk/Getty Images
The Justice Department is investigating a data breach of the U.S. federal courts system dating to early 2020, a top official testified on Capitol Hill Thursday.
Scary scenario for the judicial branch: House Judiciary Committee Chair Jerrold Nadler (D-N.Y.) told fellow lawmakers that there had been a “system security failure” of the U.S. Courts’ document management system. He said the committee learned in March about the “startling breadth and scope” of the breach. It was the first public disclosure of the hack.
Nadler said the data breach of the courts was separate from the SolarWinds hack revealed in late 2020, which involved Russian government-backed hackers infiltrating the networks of over a dozen U.S. federal agencies for much of 2020, including the federal court systems. He spoke at a committee hearing on oversight of the Justice Department’s National Security Division.
Assistant Attorney General for National Security Matthew Olsen testified to the committee that NSD is “working very closely with the judicial conference and judges around the country to address this issue,” and committed to updating the committee on the investigation as it progressed.
Wider impact: A committee aide said that Nadler’s questions came after the committee received a briefing on the attack, noting that “the sweeping impact it may have had on the operation of the Department of Justice is staggering.” The aide was granted anonymity in order to discuss a private briefing.
Looking for the details: Committee member Rep. Sheila Jackson Lee (D-Texas) pressed Olsen for more details on how many cases had been impacted by the breach.
“I would expect your preparation and for us to be able to get that information as quickly as possible in a setting that would be appropriate, but this is a dangerous set of circumstances that has now been publicly announced, and we need to know how many…were dismissed,” Jackson Lee said.
Nadler questioned Olsen on whether the breach had in any way affected cases pursued by the NSD, and Olsen testified he could not “think of anything in particular.”
The DOJ, the FBI and the U.S. federal court systems did not immediately respond to requests for comment on the breach.
Past experience: The U.S. Courts system put out a statement in January 2021 following the discovery of the SolarWinds breach acknowledging that its Case Management/Electronic Case Files system, or CM/ECF, had been compromised as part of the massive breach. As a result, procedures for filing highly sensitive documents were changed so that they could only be handed in via paper documents, a secure electronic device, through a secure computer system.