Russia said to be behind US Federal Court systems hack

New allegations on Tuesday say Kremlin-linked hackers may be partly responsible for the recent breach of the US Federal Court filing systems, the New York Times reports.
- Russia is being blamed for what could be a years-long breach of the US federal court filing system.
- Hackers searched criminal case files in eight jurisdictions, including NYC, some tied to Russian and Eastern European surnames.
- The federal judiciary is scrambling to move sensitive files offline and tightening security measures.
“Investigators have uncovered evidence that Russia is at least partly responsible for a recent hack of the computer system that manages federal court documents,” the Times said.
The new information is said to come from several people briefed on the August 7th attack, in which hackers broke into the federal judiciary's electronic case filing system.
The breach is thought to have exposed sensitive court data in several states, including “highly sensitive records with information that could reveal sources and people charged with national security crimes,” the Times noted. Some sealed records were part of the cache of compromised files.
The timing of the discovery happens to coincide with a scheduled meeting between US President Donald Trump and Russian President Vladimir Putin in Alaska on Friday. Trump is expected to discuss a possible end to the war in Ukraine.
Sophisticated and persistent threat
The Department of Justice is still trying to determine when exactly the court management system was compromised, which Politico sources – who first reported the story last Wednesday – say happened on or around July 4th.
It’s also unclear whether the breach was orchestrated by Russia's intelligence services (the FSB, SVR, and GRU), which between them run multiple cyber units, including APT29/Cozy Bear, APT28/Fancy Bear, APT44/Sandworm, and Star Blizzard.
Furthermore, it is unknown if any other countries or nation-state threat actors were part of the effort.
Earlier this month, it was reported that Russia was shifting its focus away from the US to target the UK in an attempt to smooth ties with Trump.
However, people familiar with the investigation described the intrusion as a “years-long effort to infiltrate the system,” the Times said. US Court officials have also described the threat actors responsible as “persistent and sophisticated.”
Additionally, the hackers were found to have initially targeted certain criminal case documents with overseas ties in at least eight district courts, the Times reported.
Some of the searches were said to have included “midlevel criminal cases in the New York City area and other jurisdictions, with some cases involving people with Russian and Eastern European surnames.”
Nick Tausek, Lead Security Automation Architect at Swimlane, says that while the focus is on Russia, “it’s important to note the Times report states that Russia was ‘in part’ responsible.”
“This implies that there could be additional actors, be it other foreign nations or cyber threat groups, working together with Russia to infiltrate US cyber defenses.”
“The campaign to gain access to these systems reportedly spanned across several years, which should raise major red flags about the safety of US data,” Tausek said.
Beefing up system security
The US Court Case Management/Electronic Case Files (CM/ECF) system is used by legal professionals to upload and manage case documents. It also houses the publicly available pay-for-access system known as PACER, or Public Access to Court Electronic Records.
According to Politico, the judiciary has also been concerned the hack exposed the identities of confidential informants involved in criminal cases at multiple federal district courts.
“These sensitive documents can be targets of interest to a range of threat actors,” the US Courts said in a statement released August 7th.
Since the attack, the judiciary has been urgently scrambling to beef up security measures and quickly remove the most sensitive documents from the filing system, with some judges in the Eastern District of New York ordering those case files to be uploaded to a completely separate drive.
Russia has long been proven to target the US with huge cyberattacks, including tampering with election results and hampering critical infrastructure, Tausek explains.
“Implementing more robust cybersecurity measures is essential for strengthening not only the defenses themselves, but the confidence in the US’s ability to defend sensitive information from malicious adversaries.”
Tausek says this includes proactive security defenses that can autonomously identify where attacks could occur and patch vulnerabilities before they can be exploited.
“It also means ensuring that government officials with high security clearances receive ongoing education in proper cyber hygiene to minimize the risk of accidental exposure of confidential information,” he added.
“To better protect them, courts have been implementing more rigorous procedures to restrict access to sensitive documents under carefully controlled and monitored circumstances,” the federal judiciary said.