The U.S. Department of Justice (DOJ) is currently looking into a cyberattack on the country’s federal court management database, Matt Olsen, head of the DOJ’s National Security Division (NSD), told lawmakers at Capitol Hill on Thursday.
Although the breach occurred in early 2020, the House of Representatives Judiciary Committee only learned about the “startling breadth and scope” of the incident in March this year, Committee Chair Jerrold Nadler said. Lawmakers have expressed concern about the lack of information on the breach.
In a hearing with the committee, Olsen, who said the incident was a source of “significant concern,” revealed that the NSD is “working very closely with the judicial conference and judges around the country to address this issue.” He vowed to update the committee as the investigation progresses.
Hostile Foreign Actors Targeted U.S. Court Filing System
According to Nadler, “three hostile foreign actors” carried out a cyberattack on the U.S. Courts’ document filing system, and the incident caused a “system security failure.”
The threat actor responsible for the data breach remains unknown. Olsen said the NSD was looking into the cyber threat posed by countries such as China, Iran, North Korea, and Russia.
“While I can’t speak directly to the nature of the ongoing investigation of the type of threats that you’ve mentioned regarding the effort to compromise public judicial dockets, this is of course a significant concern for us given the nature of the information that’s often held by the courts,” Olsen stated.
In January 2021, the U.S. courts released a statement detailing new procedures to protect confidential documents in response to widespread data breaches and vulnerabilities in the Judiciary’s Case Management/Electronic Case Files system (CM/ECF).
The statement said “highly sensitive court documents (HSDs) filed with federal courts will be accepted for filing in paper form or via a secure electronic device, such as a thumb drive, and stored in a secure stand-alone computer system. These sealed HSDs will not be uploaded to CM/ECF.”
While the statement referenced an emergency directive by Homeland Security in response to the SolarWinds hack, the breach of the federal court database is a separate incident.
Impact of the Breach Remains Unclear
Both the DOJ and the U.S. Courts have kept legislators and the American public in the dark about the incident. It is currently unclear how the breach affected the DOJ’s operations, or how many cases were affected.
“I would expect your preparation and for us to be able to get that information as quickly as possible in a setting that would be appropriate, but this is a dangerous set of circumstances that has now been publicly announced, and we need to know how many…were dismissed,” Committee Member Sheila Jackson Lee said while questioning Olsen about the impact of the breach.
When asked if the breach affected any cases the NSD was pursuing, Olsen said he could not “think of anything in particular.”