Russia is suspected to be behind breach of US federal court filing system

Evidence implicates Russia in a sophisticated breach of the U.S. federal court’s CM/ECF and PACER systems, compromising sealed records, including those tied to national security cases. The attack, potentially spanning years, exploited known vulnerabilities in the outdated platforms, raising fears of leaked sensitive filings.

Federal officials are urgently assessing the damage across at least eight district courts, including South Dakota, Missouri, and New York. “Persistent and sophisticated cyber threat actors have recently compromised sealed records,” an internal memo warned, urging immediate action to secure documents. Chief Judge Brodie in New York’s Eastern District banned uploading sealed files to PACER, mandating storage on separate drives.

Investigators note searches targeted midlevel criminal cases, some involving Russian and Eastern European surnames, suggesting a focused effort. The breach, predating July 2025, echoes a 2021 cyberattack also attributed to Russia. Courts have since restricted overseas access to systems, issued burner phones, and implemented multifactor authentication.

Despite these measures, former officials admit the sprawling system’s complexity hinders full protection. The intrusion’s timing, ahead of Trump’s meeting with Putin in Alaska, underscores its gravity. Federal courts are now bolstering cybersecurity, but the breach exposes ongoing gaps in safeguarding sensitive judicial data against foreign adversaries.