Hackers have breached the federal court filing system across multiple U.S. states, potentially compromising the identities of confidential informants.
According to Politico, the attack represents a significant security failure for the courts' Case Management/Electronic Case Files (CM/ECF) system and Public Access to Court Electronic Records (PACER) platform. These systems serve as the backbone of the federal judiciary's electronic operations.
The breach highlights longstanding concerns about the judiciary's cybersecurity vulnerabilities. One source with over two decades of experience in the federal judiciary told Politico, "It's the first time I've ever seen a hack at this level," underscoring the unprecedented nature of the intrusion.
Extent of Damage Raises Alarm Among Officials
In one court district, approximately a dozen court dockets were reportedly tampered with as a result of the breach. The scale of the attack spans multiple states, though officials have not yet revealed which specific jurisdictions were affected by the intrusion.
Staff for Conrad, a district judge in the Western District of North Carolina, declined to provide any comment about the situation when contacted. This silence from officials suggests the sensitive nature of the ongoing investigation into the breach.
The most highly protected federal court witnesses may have been spared exposure, as their real identities are typically stored on separate systems maintained by the Justice Department. Nevertheless, the breach represents a serious security concern for the courts.
System Vulnerabilities Previously Identified by Officials
Michael Scudder, who chairs the Committee on Information Technology for the federal courts' national policymaking body, had previously warned about these exact vulnerabilities. In June testimony before the House Judiciary Committee, he described the CM/ECF and PACER systems as "outdated, unsustainable due to cyber risks, and require replacement."
Scudder also emphasized the severity of threats facing the judiciary, noting that because federal courts hold extremely sensitive information, they face "unrelenting security threats of extraordinary gravity." His warnings now appear prescient in light of the current breach.
The attack comes as officials were still investigating another significant hack of the federal court system dating back to early 2020. That incident, described as "startling" by then-House Judiciary Chair Jerry Nadler, involved three foreign hacking groups.
Questions Remain About Breach Timeline and Response
Authorities have not yet disclosed when the breach was first detected or how long hackers may have had access to sensitive court documents. The timeline of the intrusion remains one of several critical unanswered questions about the attack.
It remains unclear whether this incident is connected to the previously reported 2020 hack involving foreign actors. The identity of the perpetrators behind the current breach has not been publicly revealed, leaving open the possibility of both domestic and foreign involvement.
The federal judiciary now faces the challenge of addressing immediate security concerns while also accelerating plans to replace the vulnerable systems. Scudder had previously indicated that developing a more modernized replacement would need to "be developed and rolled out on an incremental basis."
