Hack of federal court filing system exploited security flaws known since 2020

Follow up to Federal court filing system hit in sweeping hack and the New York Times, Russia Is Suspected to Be Behind Breach of Federal Court Filing System. See Politico: “The intrusion into the federal judiciary’s case filing system was like “taking candy from a baby,” said one person with knowledge of the hack. The latest intrusion is a “continuation of the same rudimentary security issues” that have been present since 2020, said a senior U.S. law enforcement official. A sweeping hack of the federal judiciary’s case filing system exploited unresolved security holes discovered five years ago — allowing hacking groups to steal reams of sensitive court data in the ongoing breach. POLITICO first reported last week that officials are concerned that multiple nation-state and criminal hacking groups exfiltrated sealed case data from at least a dozen district courts since at least July. The attack mirrored another significant breach into the court filing system in 2020 under the first Trump administration, though it was not clear until now how the hackers slipped inside the system and whether both incidents were connected. Despite the sensitive court data that was exposed, the ongoing cyber intrusion was not particularly sophisticated and took advantage of issues previously uncovered inside the federal court filing system, according to one person with direct knowledge of the hack and one senior U.S. law enforcement official. The system — called CM/ECF — enables legal professionals to upload and manage court documents. The latest intrusion is a “continuation of the same rudimentary security issues” that have been present since 2020, said the law enforcement official. This person, like others in this story, was granted anonymity due to the sensitive and ongoing nature of the incident.
The person with direct knowledge of the breach said that investigators suspect that Russian hackers played a role in the earlier intrusion and in the current one, and have grown bolder about how much data they steal over time. That includes pilfering source code for the filing system from at least three federal district courts and vacuuming up sealed case data. That contrasts with a more targeted approach taken in the breach discovered in 2020. The details about the methods used to infiltrate the digital filing system in recent months and in 2020, which have not been previously reported, underscore how easy it has been for foreign hackers to steal highly sensitive data held by the federal judiciary, possibly including sealed arrest and search warrants as well as information on witnesses and ongoing criminal probes…”

See also Wired – The First Federal Cybersecurity Disaster of Trump 2.0 Has Arrived. The breach of the US Courts records system came to light more than a month after the attack was discovered. Details about what was exposed—and who’s responsible—remain unclear.
