NYT: Russia suspected in major hack of US federal court filing system
Investigators have uncovered evidence suggesting Russia may be partly responsible for a recent cyberattack on the U.S. federal court filing system, The New York Times reported, citing sources familiar with the matter. The system manages sensitive documents, including those in cases involving national security, sources, and individuals charged with crimes.
It remains unclear whether Russian intelligence or other foreign actors were involved. Some searches targeted midlevel criminal cases in New York and other jurisdictions, including cases involving people with Russian and Eastern European surnames. Officials described the intrusion as part of a possible years-long effort to infiltrate the system.
The disclosure comes ahead of a planned meeting between President Trump and Russian President Vladimir Putin in Alaska.
Court administrators warned Justice Department officials and judges that “persistent and sophisticated cyber threat actors have recently compromised sealed records,” advising them to remove the most sensitive files immediately. The breaches affected at least eight district courts, including those in New York, South Dakota, Missouri, Iowa, Minnesota, and Arkansas.
In response, the Eastern District of New York prohibited uploading sealed documents to PACER, moving sensitive filings to a separate, secure drive. Courts are scrambling to assess the damage and address vulnerabilities in the Case Management/Electronic Case Files system.
Following an earlier cyberattack, officials have been quietly implementing defensive measures since 2021, including hand-delivering sensitive filings, barring judges from accessing systems abroad, issuing burner phones, and introducing multifactor authentication.
Former law enforcement officials described the breach as “extremely serious,” though the full scope remains under investigation. Concerns over foreign intrusions into the courts’ electronic filing system date back to early 2020, with multiple foreign actors reportedly exploiting vulnerabilities.
By Tamilla Hasanova